Date:      Tue, 18 May 2021 12:18:42 GMT
From:      Kristof Provost <kp@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
Subject:   git: 61d771b63df6 - stable/13 - bridgestp: validate timer values in config BPDU
Message-ID:  <202105181218.14ICIg1C051707@gitrepo.freebsd.org>

The branch stable/13 has been updated by kp:

URL: https://cgit.FreeBSD.org/src/commit/?id=61d771b63df62e4e8764b187c1307a87933248ef

commit 61d771b63df62e4e8764b187c1307a87933248ef
Author:     Jonah Caplan <jcaplan@blackberry.com>
AuthorDate: 2021-04-15 09:28:42 +0000
Commit:     Kristof Provost <kp@FreeBSD.org>
CommitDate: 2021-05-18 10:00:38 +0000

    bridgestp: validate timer values in config BPDU
    
    IEEE Std 802.1D-2004 Section 17.14 defines permitted ranges for timers.
    Incoming BPDU messages should be checked against the permitted ranges.
    The rest of 17.14 appears to be enforced already.
    
    PR:             254924
    Reviewed by:    kp, donner
    Differential Revision:  https://reviews.freebsd.org/D29782
    
    (cherry picked from commit 0e4025bffa2bab3461b72b40d0b1468722ff76e6)
---
 sys/net/bridgestp.c | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/sys/net/bridgestp.c b/sys/net/bridgestp.c
index 9e3a3e14ecda..cf182d2efe7b 100644
--- a/sys/net/bridgestp.c
+++ b/sys/net/bridgestp.c
@@ -597,6 +597,23 @@ bstp_received_bpdu(struct bstp_state *bs, struct bstp_port *bp,
 			return;
 	}
 
+	/* range checks */
+	if (cu->cu_message_age >= cu->cu_max_age) {
+		return;
+	}
+	if (cu->cu_max_age < BSTP_MIN_MAX_AGE ||
+	    cu->cu_max_age > BSTP_MAX_MAX_AGE) {
+		return;
+	}
+	if (cu->cu_forward_delay < BSTP_MIN_FORWARD_DELAY ||
+	    cu->cu_forward_delay > BSTP_MAX_FORWARD_DELAY) {
+		return;
+	}
+	if (cu->cu_hello_time < BSTP_MIN_HELLO_TIME ||
+	    cu->cu_hello_time > BSTP_MAX_HELLO_TIME) {
+		return;
+	}
+
 	type = bstp_pdu_rcvtype(bp, cu);
 
 	switch (type) {
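
Review bot: All four added checks in bstp_received_bpdu() end in a bare return, so a config BPDU rejected for an out-of-range cu_max_age, cu_forward_delay or cu_hello_time (or for cu_message_age >= cu_max_age) is dropped with no counter and no log line, and from the administrator's side that looks the same as a BPDU that never arrived. A peer with misconfigured timers would simply stop influencing the topology on this port without any hint as to why. Consider incrementing a per-port drop statistic or emitting a rate-limited debug message that names the failing field before each return. The comment "/* range checks */" would also be more useful if it cited IEEE Std 802.1D-2004 Section 17.14, as the commit message does, so the origin of the BSTP_MIN_* and BSTP_MAX_* bounds is clear to the next reader of the code.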


