FRRouting
ospf6d: Prevent heap-buffer-overflow with unknown type
When parsing a osf6 grace lsa field and we receive an unknown tlv type, ospf6d was not incrementing the pointer to get beyond the tlv. Leaving a situation where ospf6d would parse the packet incorrectly.
@Mergifyio backport stable/10.0 stable/9.1 stable/9.0 stable/8.5 stable/8.4
backport stable/10.0 stable/9.1 stable/9.0 stable/8.5 stable/8.4
✅ Backports have been created
-
#16134 ospf6d: Prevent heap-buffer-overflow with unknown type (backport #16111) has been created for branch
stable/10.0 -
#16135 ospf6d: Prevent heap-buffer-overflow with unknown type (backport #16111) has been created for branch
stable/9.1 -
#16136 ospf6d: Prevent heap-buffer-overflow with unknown type (backport #16111) has been created for branch
stable/9.0 -
#16137 ospf6d: Prevent heap-buffer-overflow with unknown type (backport #16111) has been created for branch
stable/8.5 -
#16138 ospf6d: Prevent heap-buffer-overflow with unknown type (backport #16111) has been created for branch
stable/8.4
![mergify[bot] avatar](https://avatars.githubusercontent.com/in/10562?v=4 "Published by a pub.dev verified publisher"){kind=small}
I put this in do not merge mode because I wanted the original author to take a look at it and make sure things were right from their perspective. Once I get an update from the original author I will either update the PR or remove the do not merge tag.