[BGPCEP-867] Optional Parameters length overrun in OPEN message` Created: 12/Mar/19 Updated: 13/Mar/19 Resolved: 13/Mar/19 |
|
| Status: | Resolved |
| Project: | bgpcep |
| Component/s: | BGP |
| Affects Version/s: | None |
| Fix Version/s: | Neon, Sodium |
| Type: | Bug | Priority: | Highest |
| Reporter: | Robert Varga | Assignee: | Robert Varga |
| Resolution: | Done | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Description |
|
This is caught in CSIT, where we send out the following message: 0000 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 0010 01 50 01 04 fb f0 00 b4 c0 00 02 02 33 02 31 41 0020 04 00 00 fb f0 06 00 02 00 01 04 00 19 00 46 01 0030 04 00 02 00 80 01 04 00 02 00 85 01 04 00 01 00 0040 04 01 04 00 01 00 05 01 04 00 02 00 05 01 04 00 0050 01 00 80 01 04 00 02 00 04 01 04 00 01 00 81 01 0060 04 40 04 00 47 01 04 00 01 00 84 01 04 00 02 00 0070 01 01 04 00 01 00 86 01 04 00 02 00 86 01 04 00 0080 01 00 01 01 04 00 01 00 85 01 04 00 02 00 81 40 0090 46 00 3c 00 02 80 00 00 02 85 00 00 02 05 00 00 00a0 02 86 00 00 02 04 00 00 19 46 00 00 01 81 00 00 00b0 01 85 00 00 01 84 00 00 02 01 00 00 01 86 00 00 00c0 01 80 00 00 01 01 00 40 04 47 00 00 02 81 00 00 00d0 01 04 00 00 01 05 00 47 77 00 02 01 00 00 00 b4 00e0 00 02 81 00 00 00 b4 00 01 05 00 00 00 b4 00 01 00f0 85 00 00 00 b4 00 01 86 00 00 00 b4 00 02 80 00 0100 00 00 b4 00 01 04 00 00 00 b4 40 04 47 00 00 00 0110 b4 00 01 81 00 00 00 b4 00 19 46 00 00 00 b4 00 0120 01 01 00 00 00 b4 00 02 85 00 00 00 b4 00 01 80 0130 00 00 00 b4 00 02 05 00 00 00 b4 00 02 86 00 00 0140 00 b4 00 02 04 00 00 00 b4 00 01 84 00 00 00 b4 byte 28 has value 51, where it really is 307 to cover the entire optional parameters, but it is truncated to 1 byte.
|