meta-openembedded/meta-networking/recipes-protocols/frr/frr/CVE-2023-3748.patch

From e61593f2ded104c4c7f01eb93e2b404e93e0c560 Mon Sep 17 00:00:00 2001
From: harryreps <harryreps@gmail.com>
Date: Fri, 3 Mar 2023 23:17:14 +0000
Subject: [PATCH] babeld: fix #11808 to avoid infinite loops

Replacing continue in loops to goto done so that index of packet buffer
increases.

Signed-off-by: harryreps <harryreps@gmail.com>

CVE: CVE-2023-3748

Upstream-Status: Backport
[https://github.com/FRRouting/frr/commit/ae1e0e1fed77716bc06f181ad68c4433fb5523d0]

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
---
 babeld/message.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/babeld/message.c b/babeld/message.c
index 7d45d91bf..2bf233796 100644
--- a/babeld/message.c
+++ b/babeld/message.c
@@ -439,7 +439,7 @@ parse_packet(const unsigned char *from, struct interface *ifp,
 			debugf(BABEL_DEBUG_COMMON,
 			       "Received Hello from %s on %s that does not have all 0's in the unused section of flags, ignoring",
 			       format_address(from), ifp->name);
-			continue;
+			goto done;
 		}
 
 		/*
@@ -451,7 +451,7 @@ parse_packet(const unsigned char *from, struct interface *ifp,
 			debugf(BABEL_DEBUG_COMMON,
 			       "Received Unicast Hello from %s on %s that FRR is not prepared to understand yet",
 			       format_address(from), ifp->name);
-			continue;
+			goto done;
 		}
 
 		DO_NTOHS(seqno, message + 4);
@@ -469,7 +469,7 @@ parse_packet(const unsigned char *from, struct interface *ifp,
 			debugf(BABEL_DEBUG_COMMON,
 			       "Received hello from %s on %s should be ignored as that this version of FRR does not know how to properly handle interval == 0",
 			       format_address(from), ifp->name);
-			continue;
+			goto done;
 		}
 
 		changed = update_neighbour(neigh, seqno, interval);
-- 
2.25.1