From: Yu Watanabe Date: Tue, 5 Sep 2023 15:55:42 +0000 (+0900) Subject: network/ndisc: refuse too many PREF64 prefixes X-Git-Tag: v255-rc1~576^2 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F29089%2Fhead;p=thirdparty%2Fsystemd.git network/ndisc: refuse too many PREF64 prefixes Follow-up for 6e8f5e4c1f5fcdb3b63343268936f9c269b6a209. Addresses https://github.com/systemd/systemd/pull/29009#issuecomment-1705700926. --- diff --git a/src/network/networkd-ndisc.c b/src/network/networkd-ndisc.c index 4038cd73472..f24f1f30fc0 100644 --- a/src/network/networkd-ndisc.c +++ b/src/network/networkd-ndisc.c @@ -27,9 +27,12 @@ #define NDISC_DNSSL_MAX 64U #define NDISC_RDNSS_MAX 64U -/* Not defined RFC, but let's set an upper limit to make not consume much memory. +/* Not defined in the RFC, but let's set an upper limit to make not consume much memory. * This should be safe as typically there should be at most 1 portal per network. */ #define NDISC_CAPTIVE_PORTAL_MAX 64U +/* Neither defined in the RFC. Just for safety. Otherwise, malformed messages can make clients trigger OOM. + * Not sure if the threshold is high enough. Let's adjust later if not. */ +#define NDISC_PREF64_MAX 64U bool link_ipv6_accept_ra_enabled(Link *link) { assert(link); @@ -1051,6 +1054,11 @@ static int ndisc_router_process_pref64(Link *link, sd_ndisc_router *rt) { return 0; } + if (set_size(link->ndisc_pref64) >= NDISC_PREF64_MAX) { + log_link_debug(link, "Too many PREF64 records received. Only first %u records will be used.", NDISC_PREF64_MAX); + return 0; + } + new_entry = new(NDiscPREF64, 1); if (!new_entry) return log_oom();