Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

bgpd: Validate maximum length of software version when handling via dynamic caps #14511

Conversation

ton31337
Copy link
Member

No description provided.

…ynamic caps

We should not allow exceeding the stream's length, and also software version
can't be larger than 64 bytes.

Signed-off-by: Donatas Abraitis <[email protected]>
It can't begin with anything else, otherwise something is broken on the wire.

Signed-off-by: Donatas Abraitis <[email protected]>
@frrbot frrbot bot added bgp tests Topotests, make check, etc labels Sep 29, 2023
@ton31337 ton31337 added this to the 9.1 milestone Sep 29, 2023
@NetDEF-CI
Copy link
Collaborator

NetDEF-CI commented Sep 29, 2023

Continuous Integration Result: FAILED

Continuous Integration Result: FAILED

See below for issues.
CI System Testrun URL: https://ci1.netdef.org/browse/FRR-PULLREQ2-14406/

This is a comment from an automated CI system.
For questions and feedback in regards to this CI system, please feel free to email
Martin Winter - mwinter (at) opensourcerouting.org.

Get source / Pull Request: Successful

Building Stage: Successful

Basic Tests: Failed

Topotests Ubuntu 18.04 arm8 part 9: Failed (click for details) Topotests Ubuntu 18.04 arm8 part 9: Unknown Log URL: https://ci1.netdef.org/browse/FRR-PULLREQ2-14406/artifact/TOPO9U18ARM8/TopotestDetails/ Topotests Ubuntu 18.04 arm8 part 9: No useful log found
Topotests Ubuntu 18.04 i386 part 9: Failed (click for details)

Topology Test Results are at https://ci1.netdef.org/browse/FRR-PULLREQ2-TOPO9U18I386-14406/test

Topology Tests failed for Topotests Ubuntu 18.04 i386 part 9
see full log at https://ci1.netdef.org/browse/FRR-PULLREQ2-14406/artifact/TOPO9U18I386/TopotestLogs/log_topotests.txt
Topotests Ubuntu 18.04 i386 part 9: Unknown Log
URL: https://ci1.netdef.org/browse/FRR-PULLREQ2-14406/artifact/TOPO9U18I386/TopotestDetails/

Topotests Ubuntu 18.04 arm8 part 0: Failed (click for details) Topotests Ubuntu 18.04 arm8 part 0: Unknown Log URL: https://ci1.netdef.org/browse/FRR-PULLREQ2-14406/artifact/TOPO0U18ARM8/TopotestDetails/

Topology Test Results are at https://ci1.netdef.org/browse/FRR-PULLREQ2-TOPO0U18ARM8-14406/test

Topology Tests failed for Topotests Ubuntu 18.04 arm8 part 0
see full log at https://ci1.netdef.org/browse/FRR-PULLREQ2-14406/artifact/TOPO0U18ARM8/TopotestLogs/log_topotests.txt

Successful on other platforms/tests
  • Topotests Ubuntu 18.04 i386 part 6
  • Topotests Ubuntu 18.04 i386 part 1
  • Topotests Ubuntu 18.04 amd64 part 4
  • Topotests Ubuntu 18.04 arm8 part 6
  • Topotests Ubuntu 18.04 amd64 part 0
  • Addresssanitizer topotests part 2
  • Topotests Ubuntu 18.04 amd64 part 5
  • Topotests Ubuntu 18.04 arm8 part 1
  • Topotests Ubuntu 18.04 amd64 part 7
  • Topotests debian 10 amd64 part 6
  • Addresssanitizer topotests part 3
  • Topotests debian 10 amd64 part 0
  • Addresssanitizer topotests part 9
  • Topotests debian 10 amd64 part 5
  • Topotests Ubuntu 18.04 arm8 part 7
  • Topotests Ubuntu 18.04 arm8 part 2
  • Topotests Ubuntu 18.04 i386 part 7
  • Topotests Ubuntu 18.04 i386 part 2
  • Topotests Ubuntu 18.04 arm8 part 8
  • CentOS 7 rpm pkg check
  • Topotests Ubuntu 18.04 amd64 part 3
  • Addresssanitizer topotests part 6
  • Topotests debian 10 amd64 part 9
  • Topotests Ubuntu 18.04 amd64 part 1
  • Topotests Ubuntu 18.04 i386 part 5
  • Topotests debian 10 amd64 part 7
  • Topotests Ubuntu 18.04 i386 part 0
  • Topotests Ubuntu 18.04 amd64 part 2
  • Addresssanitizer topotests part 0
  • Debian 10 deb pkg check
  • Topotests debian 10 amd64 part 3
  • Topotests debian 10 amd64 part 8
  • Topotests Ubuntu 18.04 amd64 part 6
  • Topotests Ubuntu 18.04 arm8 part 4
  • Ubuntu 18.04 deb pkg check
  • Addresssanitizer topotests part 1
  • Ubuntu 20.04 deb pkg check
  • Topotests Ubuntu 18.04 i386 part 4
  • Addresssanitizer topotests part 4
  • Topotests Ubuntu 18.04 amd64 part 9
  • Debian 9 deb pkg check
  • Topotests Ubuntu 18.04 i386 part 8
  • Topotests Ubuntu 18.04 i386 part 3
  • Addresssanitizer topotests part 8
  • Topotests Ubuntu 18.04 arm8 part 5
  • Addresssanitizer topotests part 7
  • Topotests debian 10 amd64 part 4
  • Topotests Ubuntu 18.04 arm8 part 3
  • Addresssanitizer topotests part 5
  • Topotests debian 10 amd64 part 1
  • Static analyzer (clang)
  • Topotests debian 10 amd64 part 2
  • Topotests Ubuntu 18.04 amd64 part 8

@NetDEF-CI
Copy link
Collaborator

Continuous Integration Result: SUCCESSFUL

Congratulations, this patch passed basic tests

Tested-by: NetDEF / OpenSourceRouting.org CI System

CI System Testrun URL: https://ci1.netdef.org/browse/FRR-PULLREQ2-14406/

This is a comment from an automated CI system.
For questions and feedback in regards to this CI system, please feel free to email
Martin Winter - mwinter (at) opensourcerouting.org.

@donaldsharp
Copy link
Member

On line 3071 how do we know that pnt + 3 is going to be legal? Have we done a check to ensure that this is readable? For some reason the GitHub app will not allow me to comment on the line?

@ton31337
Copy link
Member Author

ton31337 commented Oct 3, 2023

On line 3071 how do we know that pnt + 3 is going to be legal? Have we done a check to ensure that this is readable? For some reason the GitHub app will not allow me to comment on the line?

Yes, it's validated already (in bgp_capability_msg_parse()) before we do some modifications here.

Screenshot-2023-10-03-08:40:37

Copy link
Member

@riw777 riw777 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks good

@riw777 riw777 merged commit 373d46d into FRRouting:master Oct 3, 2023
7 checks passed
@ton31337 ton31337 deleted the fix/bgpd_software_version_capability branch October 3, 2023 14:36
Keelan10 pushed a commit to Keelan10/frr that referenced this pull request Oct 4, 2023
…ftware_version_capability

bgpd: Validate maximum length of software version when handling via dynamic caps
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bgp master size/M tests Topotests, make check, etc
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants