From 582856273c96113a460896a5ff9aa9a29dc73336 Mon Sep 17 00:00:00 2001
From: Neale Ranns <nranns@cisco.com>
Date: Wed, 11 Jul 2018 09:21:06 -0700
Subject: IGMP: validate the packets length in the DP

thanks to coverity... validate that the length of the packet on
wire matches the size of the header based on the number of groups
and sources. drop those that don't match.

Change-Id: Iab3f3a835f6a43d9c73c5d502ea5ceccdd6985b0
Signed-off-by: Neale Ranns <nranns@cisco.com>
---
 src/plugins/igmp/igmp_query.c | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'src/plugins/igmp/igmp_query.c')

diff --git a/src/plugins/igmp/igmp_query.c b/src/plugins/igmp/igmp_query.c
index 1513023df2e..ae9a4d51e95 100644
--- a/src/plugins/igmp/igmp_query.c
+++ b/src/plugins/igmp/igmp_query.c
@@ -36,6 +36,10 @@ igmp_query_mk_source_list (const igmp_membership_query_v3_t * q)
   const ip4_address_t *s;
   u16 ii, n;
 
+  /*
+   * we validated this packet when we accepted it in the DP, so
+   * this number is safe to use
+   */
   n = clib_net_to_host_u16 (q->n_src_addresses);
 
   if (0 == n)
-- 
cgit 1.2.3-korg