do bounds checks on fields

diff --git a/src/listen/bfd/proto_bfd.c b/src/listen/bfd/proto_bfd.c
index 8a3d4ceaceee1cee237ee32d26e4b667b4edf114..b97e6f019d2a2aa65aa71f00575b62bcd6b4bf25 100644 (file)
--- a/src/listen/bfd/proto_bfd.c
+++ b/src/listen/bfd/proto_bfd.c
@@ -432,6 +432,7 @@ static int mod_bootstrap(module_inst_ctx_t const *mctx)
 
                while ((cs = cf_section_find_next(server, cs, "peer", CF_IDENT_ANY))) {
                        fr_client_t *c;
+                       proto_bfd_peer_t *peer;
 
                        if (cf_section_rules_push(cs, peer_config) < 0) return -1;
 
@@ -443,6 +444,22 @@ static int mod_bootstrap(module_inst_ctx_t const *mctx)
                                return -1;
                        }
 
+                       if (c->proto != IPPROTO_UDP) {
+                               cf_log_err(cs, "Peer must use 'proto = udp' in %s", cf_section_name2(cs));
+                               goto error;
+                       }
+
+                       peer = (proto_bfd_peer_t *) c;
+
+                       FR_TIME_DELTA_BOUND_CHECK("peer.min_transmit_interval", peer->min_transmit_interval, >=, fr_time_delta_from_usec(30));
+                       FR_TIME_DELTA_BOUND_CHECK("peer.min_transmit_interval", peer->min_transmit_interval, <=, fr_time_delta_from_sec(2));
+
+                       FR_TIME_DELTA_BOUND_CHECK("peer.min_recieve_interval", peer->min_transmit_interval, >=, fr_time_delta_from_usec(30));
+                       FR_TIME_DELTA_BOUND_CHECK("peer.min_received_interval", peer->min_transmit_interval, <=, fr_time_delta_from_sec(2));
+
+                       FR_INTEGER_BOUND_CHECK("peer.max_timeouts", peer->max_timeouts, >=, 1);
+                       FR_INTEGER_BOUND_CHECK("peer.max_timeouts", peer->max_timeouts, <=, 10);
+
                        if (!client_add(inst->peers, c)) {
                                cf_log_err(cs, "Failed to add peer %s", cf_section_name2(cs));
                                goto error;