ospfd: add validation in several places before accessing message bodies (backport #21303) #21494
frrbot / frrbot
completed
Apr 10, 2026 in 16s
Style and/or linter errors found
Style and/or linter errors found
Details
Thanks for your contribution to FRR!
Click for style suggestions
diff --git a/ospfd/ospf_te.c b/ospfd/ospf_te.c
index 385db1bda9..0c6b6c41dd 100644
--- a/ospfd/ospf_te.c
+++ b/ospfd/ospf_te.c
@@ -2148,8 +2148,7 @@ static int ospf_te_parse_te(struct ls_ted *ted, struct ospf_lsa *lsa)
/* ... otherwise, skip it */
if (len < (TE_LINK_SUBTLV_DEF_SIZE + TLV_HDR_SIZE) ||
- TLV_BODY_SIZE(tlvh) != TE_LINK_SUBTLV_DEF_SIZE ||
- TLV_SIZE(tlvh) > len)
+ TLV_BODY_SIZE(tlvh) != TE_LINK_SUBTLV_DEF_SIZE || TLV_SIZE(tlvh) > len)
return -1;
len -= TE_LINK_SUBTLV_DEF_SIZE + TLV_HDR_SIZE;
@@ -2735,12 +2734,9 @@ static int ospf_te_parse_ri(struct ls_ted *ted, struct ospf_lsa *lsa)
/* Vertex has been created or updated: export it */
if (vertex->status == NEW || vertex->status == UPDATE) {
ote_debug(" |- %s SRTE info - SRGB[%d/%d] SRLB[%u/%u] MSD[%u] for Vertex %pI4",
- vertex->status == NEW ? "Add" : "Update",
- vertex->node->srgb.lower_bound,
- vertex->node->srgb.range_size,
- vertex->node->srlb.lower_bound,
- vertex->node->srlb.range_size,
- vertex->node->msd,
+ vertex->status == NEW ? "Add" : "Update", vertex->node->srgb.lower_bound,
+ vertex->node->srgb.range_size, vertex->node->srlb.lower_bound,
+ vertex->node->srlb.range_size, vertex->node->msd,
&vertex->node->router_id);
ospf_te_export(LS_MSG_TYPE_NODE, vertex);
To apply the style suggestions:
curl https://gist.githubusercontent.com/polychaeta/27c3ef12f79337b253ecbb7dd9c0810a/raw/a742d6596b368d225a9160760d6cd343e96767c9/style.diff | git apply -
If you are a new contributor to FRR, please see our contributing guidelines.
After making changes, you do not need to create a new PR. You should perform an amend or interactive rebase followed by a force push.
Loading