projects / feed / routing.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 419a866) | patch
batman-adv: Don't accept TT entries for out-of-spec VIDs
authorSven Eckelmann <sven@narfation.org>
Tue, 15 Oct 2024 19:23:45 +0000 (21:23 +0200)
committerSven Eckelmann <sven@narfation.org>
Tue, 15 Oct 2024 19:23:45 +0000 (21:23 +0200)
commit5c044beca120b7df8b954c1aef5e775ccd268908
tree792430c558a258625fee2de8cc66ee38fc803c24tree | snapshot
parent419a866f031ad4dae4fd5dcac50d24633dc07815commit | diff
batman-adv: Don't accept TT entries for out-of-spec VIDs

The internal handling of VLAN IDs in batman-adv is only specified for
following encodings:

* VLAN is used
  - bit 15 is 1
  - bit 11 - bit 0 is the VLAN ID (0-4095)
  - remaining bits are 0
* No VLAN is used
  - bit 15 is 0
  - remaining bits are 0

batman-adv was only preparing new translation table entries (based on its
soft interface information) using this encoding format. But the receive
path was never checking if entries in the roam or TT TVLVs were also
following this encoding.

It was therefore possible to create more than the expected maximum of 4096
+ 1 entries in the originator VLAN list. Simply by setting the "remaining
bits" to "random" values in corresponding TVLV.

Signed-off-by: Sven Eckelmann <sven@narfation.org>
batman-adv/Makefile diff | blob | history
batman-adv/patches/0012-batman-adv-Don-t-accept-TT-entries-for-out-of-spec-V.patch [new file with mode: 0644] blob
Mirror of routing feed