Fix patch(1) shell injection vulnerability via ed(1). [SA-15:18]

Fix routed remote denial of service vulnerability. [SA-15:19]
author: delphij <delphij@FreeBSD.org> 2015-08-05 22:05:02 +0000
committer: delphij <delphij@FreeBSD.org> 2015-08-05 22:05:02 +0000
commit: b64e10546f51b85523e51e5487e5a9463394feac (patch)
tree: 08935a1a29c46db433354b93a3041e5b8e90ef22 /sbin
parent: c527db206bed3fb6312aeaec912eec311c9fa9f0 (diff)
download: FreeBSD-src-b64e10546f51b85523e51e5487e5a9463394feac.zip
FreeBSD-src-b64e10546f51b85523e51e5487e5a9463394feac.tar.gz
1 files changed, 6 insertions, 0 deletions
diff --git a/sbin/routed/input.c b/sbin/routed/input.c
index 901c4f3..db35ef3 100644
--- a/sbin/routed/input.c
+++ b/sbin/routed/input.c
@@ -160,6 +160,12 @@ input(struct sockaddr_in *from,		/* received from this IP address */
 
 	trace_rip("Recv", "from", from, sifp, rip, cc);
 
+	if (sifp == 0) {
+		trace_pkt("    discard a request from an indirect router"
+		    " (possibly an attack)");
+		return;
+	}
+
 	if (rip->rip_vers == 0) {
 		msglim(&bad_router, FROM_NADDR,
 		       "RIP version 0, cmd %d, packet received from %s",
author	delphij <delphij@FreeBSD.org>	2015-08-05 22:05:02 +0000
committer	delphij <delphij@FreeBSD.org>	2015-08-05 22:05:02 +0000
commit	b64e10546f51b85523e51e5487e5a9463394feac (patch)
tree	08935a1a29c46db433354b93a3041e5b8e90ef22 /sbin
parent	c527db206bed3fb6312aeaec912eec311c9fa9f0 (diff)
download	FreeBSD-src-b64e10546f51b85523e51e5487e5a9463394feac.zip FreeBSD-src-b64e10546f51b85523e51e5487e5a9463394feac.tar.gz