The branch main has been updated by kp:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=0e4025bffa2bab3461b72b40d0b1468722ff76e6

commit 0e4025bffa2bab3461b72b40d0b1468722ff76e6
Author:     Jonah Caplan <[email protected]>
AuthorDate: 2021-04-15 09:28:42 +0000
Commit:     Kristof Provost <[email protected]>
CommitDate: 2021-04-19 10:09:18 +0000

    bridgestp: validate timer values in config BPDU
    
    IEEE Std 802.1D-2004 Section 17.14 defines permitted ranges for timers.
    Incoming BPDU messages should be checked against the permitted ranges.
    The rest of 17.14 appears to be enforced already.
    
    PR:             254924
    Reviewed by:    kp, donner
    Differential Revision:  https://reviews.freebsd.org/D29782
---
 sys/net/bridgestp.c | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/sys/net/bridgestp.c b/sys/net/bridgestp.c
index 9e3a3e14ecda..cf182d2efe7b 100644
--- a/sys/net/bridgestp.c
+++ b/sys/net/bridgestp.c
@@ -597,6 +597,23 @@ bstp_received_bpdu(struct bstp_state *bs, struct bstp_port 
*bp,
                        return;
        }
 
+       /* range checks */
+       if (cu->cu_message_age >= cu->cu_max_age) {
+               return;
+       }
+       if (cu->cu_max_age < BSTP_MIN_MAX_AGE ||
+           cu->cu_max_age > BSTP_MAX_MAX_AGE) {
+               return;
+       }
+       if (cu->cu_forward_delay < BSTP_MIN_FORWARD_DELAY ||
+           cu->cu_forward_delay > BSTP_MAX_FORWARD_DELAY) {
+               return;
+       }
+       if (cu->cu_hello_time < BSTP_MIN_HELLO_TIME ||
+           cu->cu_hello_time > BSTP_MAX_HELLO_TIME) {
+               return;
+       }
+
        type = bstp_pdu_rcvtype(bp, cu);
 
        switch (type) {
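
Review bot: Each of the four new `return;` paths in bstp_received_bpdu() drops the BPDU silently, so a port whose peer sends out-of-range timers looks the same to an operator as a port that receives no BPDUs at all. Consider bumping a per-port drop counter or emitting a rate-limited debug message before returning, so a rejected BPDU can be told apart from a missing one. The `/* range checks */` comment could also cite IEEE Std 802.1D-2004 Section 17.14, as the commit message does. It is also worth confirming that the BSTP_MIN_*/BSTP_MAX_* constants are in the same units as the decoded cu_* fields, since the hunk does not show where either is defined.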