We currently only support PD exclusions that only affect bits 64-95 of
the address, so we require:
32 <= PD prefix length < exclusion prefix length <= 64
The first inequality was not validated, and this could result in a
buffer overflow when generating the next request message.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
if (elen > 64)
elen = 64;
- if (elen <= 32 || elen <= entry.length) {
+ if (entry.length < 32 || elen <= entry.length) {
ok = false;
continue;
}