bgpd: handle fs nlri over 240 bytes

the nlri flowspec above 240 bytes size was not handled. Over 240 bytes, the length is 2 bytes length, and a calculation must be done to obtain the real length. This commit handles it appropriately. Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
FRRouting · Apr 16, 2020 · 6902e8c · 6902e8c
1 parent 82d86ab
commit 6902e8c
Showing 1 changed file with 5 additions and 8 deletions.
diff --git a/bgpd/bgp_flowspec.c b/bgpd/bgp_flowspec.c
@@ -108,13 +108,6 @@ int bgp_nlri_parse_flowspec(struct peer *peer, struct attr *attr,
 		return BGP_NLRI_PARSE_ERROR_FLOWSPEC_IPV6_NOT_SUPPORTED;
 	}
 
-	if (packet->length >= FLOWSPEC_NLRI_SIZELIMIT) {
-		flog_err(EC_BGP_FLOWSPEC_PACKET,
-			 "BGP flowspec nlri length maximum reached (%u)",
-			 packet->length);
-		return BGP_NLRI_PARSE_ERROR_FLOWSPEC_NLRI_SIZELIMIT;
-	}
-
 	for (; pnt < lim; pnt += psize) {
 		/* Clear prefix structure. */
 		memset(&p, 0, sizeof(struct prefix));
@@ -124,7 +117,11 @@ int bgp_nlri_parse_flowspec(struct peer *peer, struct attr *attr,
 			return BGP_NLRI_PARSE_ERROR_PACKET_OVERFLOW;
 
 		psize = *pnt++;
-
+		if (psize >= FLOWSPEC_NLRI_SIZELIMIT) {
+			psize &= 0x0f;
+			psize = psize << 8;
+			psize |= *pnt++;
+		}
 		/* When packet overflow occur return immediately. */
 		if (pnt + psize > lim) {
 			flog_err(