git: dbfd8660a96d - stable/12 - bridgestp: validate timer values in config BPDU
Kristof Provost
kp at FreeBSD.org
Tue May 18 12:18:42 UTC 2021
The branch stable/12 has been updated by kp:
URL: https://cgit.FreeBSD.org/src/commit/?id=dbfd8660a96df693b66e9f13c70ca4302d2bfa84
commit dbfd8660a96df693b66e9f13c70ca4302d2bfa84
Author: Jonah Caplan <jcaplan at blackberry.com>
AuthorDate: 2021-04-15 09:28:42 +0000
Commit: Kristof Provost <kp at FreeBSD.org>
CommitDate: 2021-05-18 12:17:46 +0000
bridgestp: validate timer values in config BPDU
IEEE Std 802.1D-2004 Section 17.14 defines permitted ranges for timers.
Incoming BPDU messages should be checked against the permitted ranges.
The rest of 17.14 appears to be enforced already.
PR: 254924
Reviewed by: kp, donner
Differential Revision: https://reviews.freebsd.org/D29782
(cherry picked from commit 0e4025bffa2bab3461b72b40d0b1468722ff76e6)
---
sys/net/bridgestp.c | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
diff --git a/sys/net/bridgestp.c b/sys/net/bridgestp.c
index 4be8e2f20819..9528cd92646a 100644
--- a/sys/net/bridgestp.c
+++ b/sys/net/bridgestp.c
@@ -594,6 +594,23 @@ bstp_received_bpdu(struct bstp_state *bs, struct bstp_port *bp,
return;
}
+ /* range checks */
+ if (cu->cu_message_age >= cu->cu_max_age) {
+ return;
+ }
+ if (cu->cu_max_age < BSTP_MIN_MAX_AGE ||
+ cu->cu_max_age > BSTP_MAX_MAX_AGE) {
+ return;
+ }
+ if (cu->cu_forward_delay < BSTP_MIN_FORWARD_DELAY ||
+ cu->cu_forward_delay > BSTP_MAX_FORWARD_DELAY) {
+ return;
+ }
+ if (cu->cu_hello_time < BSTP_MIN_HELLO_TIME ||
+ cu->cu_hello_time > BSTP_MAX_HELLO_TIME) {
+ return;
+ }
+
type = bstp_pdu_rcvtype(bp, cu);
switch (type) {
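Review bot: each of the four new range checks in bstp_received_bpdu() rejects the BPDU with a bare `return;`, so an out-of-range Message Age, Max Age, Forward Delay or Hello Time is dropped without a counter or debug message, and an operator cannot tell a misconfigured or hostile neighbour from a silent link. Consider incrementing a per-port drop counter or emitting a rate-limited debug log on these paths. The `/* range checks */` comment would also be more useful if it cited IEEE Std 802.1D-2004 Section 17.14, as the commit message does, and stated that the `cu_*` fields are in the same units as the `BSTP_MIN_*` / `BSTP_MAX_*` constants, since that cannot be verified from this hunk alone.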