On Wed, 12 Oct 2016, Philippe Guibert wrote:

+u_int16_t
+decode_rd_type (u_char *pnt)
+{
+  u_int16_t v;
+
+  v = ((u_int16_t) *pnt++ << 8);
+  v |= (u_int16_t) *pnt;
+
+  return v;
+}
+
+/* type == RD_TYPE_AS */
+void
+decode_rd_as (u_char *pnt, struct rd_as *rd_as)
+{
+  rd_as->as = (u_int16_t) *pnt++ << 8;
+  rd_as->as |= (u_int16_t) *pnt++;
+
+  rd_as->val = ((u_int32_t) *pnt++ << 24);
+  rd_as->val |= ((u_int32_t) *pnt++ << 16);
+  rd_as->val |= ((u_int32_t) *pnt++ << 8);
+  rd_as->val |= (u_int32_t) *pnt;
+}
+
+/* type == RD_TYPE_AS4 */
+void
+decode_rd_as4 (u_char *pnt, struct rd_as *rd_as)
+{
+  rd_as->as  = (u_int32_t) *pnt++ << 24;
+  rd_as->as |= (u_int32_t) *pnt++ << 16;
+  rd_as->as |= (u_int32_t) *pnt++ << 8;
+  rd_as->as |= (u_int32_t) *pnt++;
+
+  rd_as->val  = ((u_int16_t) *pnt++ << 8);
+  rd_as->val |= (u_int16_t) *pnt;
+}
+
+/* type == RD_TYPE_IP */
+void
+decode_rd_ip (u_char *pnt, struct rd_ip *rd_ip)
+{
+  memcpy (&rd_ip->ip, pnt, 4);
+  pnt += 4;
+
+  rd_ip->val = ((u_int16_t) *pnt++ << 8);
+  rd_ip->val |= (u_int16_t) *pnt;
+}


+
+char *
+prefix_rd2str (struct prefix_rd *prd, char *buf, size_t size)
+{

So, one of my nits with the original submission was the bare pointer parsing. It needs to go via lib/stream. Whatever nits one can find in the aesthetics of lib/stream and its available exception handling at the moment being confined to a very blunt instrument (be nice to have an error 'absorbing' interface, with passive reporting of errors, too), lib/stream does a great job at turning overflow bugs into DoS bugs. As long as it is used, of course.

And it really should be used, and we need to get picky about requiring it be used in new submissions, as well as hunting down and updating existing code that isn't.

As you're the lucky one touching it next, could you do the honours?

(prefix_rd2str doesn't have to go through lib/stream, assuming all constructions of prefix_rd did).

regards,
--
Paul Jakma | p...@jakma.org | @pjakma | Key ID: 0xD86BF79464A2FF6A
Fortune:
I have a simple rule in life: If I don't understand something, it must be bad.

        - Linus Torvalds

_______________________________________________
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

Reply via email to