diff options
| author | Uli Heilmeier <uh@heilmeier.eu> | 2020-12-28 19:00:55 +0100 |
|---|---|---|
| committer | AndersBroman <a.broman58@gmail.com> | 2020-12-31 10:10:53 +0000 |
| commit | f652c79d5e2197097d9a1519f1cee1adc145a2fa (patch) | |
| tree | 7c6d8e13c4a0da2edc0c7abb06a57ac4b7c87a18 /epan/dissectors/packet-bgp.c | |
| parent | cb65f9c150b6d7e33a8eb0418f718c244a1879ec (diff) | |
BGP: Require min length Add-Path-Prefix check
detect_add_path_prefix46() is too greedy when there is a normal NLRI
(non Add-Path) with multiple <length, prefix> tuples containing a zero
length prefix at the start or in the middle.
According to [1] we don't know the amount of tuples, only the overall
length. As the Open message may be missing we still need the heuristic
to detect Add-Path prefix usage.
[1] https://tools.ietf.org/html/rfc4271#section-4.3
Related to wireshark/wireshark#16820
Diffstat (limited to 'epan/dissectors/packet-bgp.c')
| -rw-r--r-- | epan/dissectors/packet-bgp.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/epan/dissectors/packet-bgp.c b/epan/dissectors/packet-bgp.c index 6d702f488c..238224222c 100644 --- a/epan/dissectors/packet-bgp.c +++ b/epan/dissectors/packet-bgp.c @@ -9298,8 +9298,11 @@ dissect_bgp_update(tvbuff_t *tvb, proto_tree *tree, packet_info *pinfo) ti = proto_tree_add_item(tree, hf_bgp_update_nlri, tvb, o, len, ENC_NA); subtree = proto_item_add_subtree(ti, ett_bgp_nlri); end = o + len; - /* Heuristic to detect if IPv4 prefix are using Path Identifiers */ - if( detect_add_path_prefix4(tvb, o, end) ) { + /* + * Heuristic to detect if IPv4 prefix are using Path Identifiers + * we need at least 5 bytes for Add-path prefixes + */ + if( len > 4 && detect_add_path_prefix4(tvb, o, end) ) { /* IPv4 prefixes with Path Id */ while (o < end) { i = decode_path_prefix4(subtree, pinfo, hf_bgp_nlri_path_id, hf_bgp_nlri_prefix, tvb, o, |