aboutsummaryrefslogtreecommitdiffstats
path: root/src/vnet/ipsec
diff options
context:
space:
mode:
authorKlement Sekera <ksekera@cisco.com>2021-11-22 21:26:20 +0100
committerOle Tr�an <otroan@employees.org>2021-12-14 09:15:48 +0000
commit9b7e8acf792cced80e6775bc5668d9db415cdb46 (patch)
treeb600764a60f9978017a567390a025d2777b864a1 /src/vnet/ipsec
parent755042dec0fcc733d456adc2a74042c529eff039 (diff)
api: verify message size on receipt
When a message is received, verify that it's sufficiently large to accomodate any VLAs within message. To do that, we need a way to calculate message size including any VLAs. This patch adds such funcionality to vppapigen and necessary C code to use those to validate message size on receipt. Drop messages which are malformed. Type: improvement Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I2903aa21dee84be6822b064795ba314de46c18f4
Diffstat (limited to 'src/vnet/ipsec')
-rw-r--r--src/vnet/ipsec/ipsec_test.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/src/vnet/ipsec/ipsec_test.c b/src/vnet/ipsec/ipsec_test.c
index f399032eb9a..f3a9992e916 100644
--- a/src/vnet/ipsec/ipsec_test.c
+++ b/src/vnet/ipsec/ipsec_test.c
@@ -26,6 +26,10 @@
#include <vnet/ipsec/ipsec.api.h>
#undef vl_endianfun
+#define vl_calcsizefun
+#include <vnet/ipsec/ipsec.api.h>
+#undef vl_calcsizefun
+
typedef struct
{
/* API message ID base */