git: 0e4025bffa2b - main - bridgestp: validate timer values in config BPDU
Kristof Provost
kp at FreeBSD.org
Mon Apr 19 12:10:31 UTC 2021
The branch main has been updated by kp:
URL: https://cgit.FreeBSD.org/src/commit/?id=0e4025bffa2bab3461b72b40d0b1468722ff76e6
commit 0e4025bffa2bab3461b72b40d0b1468722ff76e6
Author: Jonah Caplan <jcaplan at blackberry.com>
AuthorDate: 2021-04-15 09:28:42 +0000
Commit: Kristof Provost <kp at FreeBSD.org>
CommitDate: 2021-04-19 10:09:18 +0000
bridgestp: validate timer values in config BPDU
IEEE Std 802.1D-2004 Section 17.14 defines permitted ranges for timers.
Incoming BPDU messages should be checked against the permitted ranges.
The rest of 17.14 appears to be enforced already.
PR: 254924
Reviewed by: kp, donner
Differential Revision: https://reviews.freebsd.org/D29782
---
sys/net/bridgestp.c | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
diff --git a/sys/net/bridgestp.c b/sys/net/bridgestp.c
index 9e3a3e14ecda..cf182d2efe7b 100644
--- a/sys/net/bridgestp.c
+++ b/sys/net/bridgestp.c
@@ -597,6 +597,23 @@ bstp_received_bpdu(struct bstp_state *bs, struct bstp_port *bp,
return;
}
+ /* range checks */
+ if (cu->cu_message_age >= cu->cu_max_age) {
+ return;
+ }
+ if (cu->cu_max_age < BSTP_MIN_MAX_AGE ||
+ cu->cu_max_age > BSTP_MAX_MAX_AGE) {
+ return;
+ }
+ if (cu->cu_forward_delay < BSTP_MIN_FORWARD_DELAY ||
+ cu->cu_forward_delay > BSTP_MAX_FORWARD_DELAY) {
+ return;
+ }
+ if (cu->cu_hello_time < BSTP_MIN_HELLO_TIME ||
+ cu->cu_hello_time > BSTP_MAX_HELLO_TIME) {
+ return;
+ }
+
type = bstp_pdu_rcvtype(bp, cu);
switch (type) {
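Review bot: the four new early returns under `/* range checks */` drop the BPDU silently, so when a peer advertises an out-of-range max age, forward delay or hello time, the port simply stops reacting to that bridge and nothing tells the operator why. Consider incrementing a drop counter or emitting a rate-limited debug message that names the offending field before each `return`. The comment could also cite IEEE Std 802.1D-2004 Section 17.14, as the commit message does, so the source of the limits is visible in the code. It is worth confirming that the `cu_*` fields are in the same units as the `BSTP_MIN_*` and `BSTP_MAX_*` constants at this point in `bstp_received_bpdu`. The `cu->cu_message_age >= cu->cu_max_age` test runs before `cu_max_age` is itself range-checked; this is harmless because every branch returns, but validating the range first would read more naturally.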