From 9f07ee22fe4983d8cd4e3f051d7cf229bda55dc3 Mon Sep 17 00:00:00 2001
From: pcarana <pc.moreno2099@gmail.com>
Date: Wed, 3 Jul 2019 15:19:27 -0500
Subject: [PATCH] Fix bug: ROAs ASN wasn't validated against the allowed
 advertising

---
 src/object/roa.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/src/object/roa.c b/src/object/roa.c
index e971f5fb..566961ef 100644
--- a/src/object/roa.c
+++ b/src/object/roa.c
@@ -66,6 +66,12 @@ ____handle_roa_v4(struct resources *parent, unsigned long asn,
 		goto end_error;
 	}
 
+	if (!resources_contains_asn(parent, asn)) {
+		error = pr_err("ROA is not allowed to advertise ASN %lu.",
+		    asn);
+		goto end_error;
+	}
+
 	pr_debug_rm("}");
 	return vhandler_handle_roa_v4(asn, &prefix, max_length);
 end_error:
@@ -120,6 +126,12 @@ ____handle_roa_v6(struct resources *parent, unsigned long asn,
 		goto end_error;
 	}
 
+	if (!resources_contains_asn(parent, asn)) {
+		error = pr_err("ROA is not allowed to advertise ASN %lu.",
+		    asn);
+		goto end_error;
+	}
+
 	pr_debug_rm("}");
 	return vhandler_handle_roa_v6(asn, &prefix, max_length);
 end_error:
-- 
2.47.3