lldpd-1.0.18-5

Add range checking for tx-interval and tx-hold.

Resolves: RHEL-40245

Signed-off-by: Hangbin Liu <haliu@redhat.com>

0001-client-add-range-restriction-for-tx-hold-and-interva.patch

@@ -0,0 +1,96 @@
+From 7b9abb819337dd50583350105afbdc82302f00ff Mon Sep 17 00:00:00 2001
+From: Hangbin Liu <liuhangbin@gmail.com>
+Date: Wed, 10 Jul 2024 15:32:01 +0800
+Subject: [PATCH 1/2] client: add range restriction for tx hold and interval
+
+Based on IEEE 802.1AB(2016) 9.2.5. The valid range of tx hold is 1-100,
+the valid range of tx interval is 1-3600.
+
+Reported-by: Matt Lucius <malucius@redhat.com>
+Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
+---
+ src/client/lldpcli.8.in | 15 ++++++++-------
+ src/lib/atoms/config.c  | 13 +++++++++----
+ 2 files changed, 17 insertions(+), 11 deletions(-)
+
+diff --git a/src/client/lldpcli.8.in b/src/client/lldpcli.8.in
+index 74a07eb4b806..39f936d1ceae 100644
+--- a/src/client/lldpcli.8.in
++++ b/src/client/lldpcli.8.in
+@@ -555,8 +555,8 @@ Force port description to the provided string.
+ .Cd lldp tx-interval Ar interval
+ .Bd -ragged -offset XXXXXX
+ Change transmit delay to the specified value in seconds. The transmit
+-delay is the delay between two transmissions of LLDP PDU. The default
+-value is 30 seconds. Note:
++delay is the delay between two transmissions of LLDP PDU. The valid range
++is 1 through 3600 in seconds. The default value is 30 seconds. Note:
+ .Nm lldpd
+ also starts another system based refresh timer on each port to detect
+ changes such as a hostname. This is the value of the tx-interval
+@@ -576,8 +576,8 @@ system capabilities and CPU speed.
+ .Bd -ragged -offset XXXXXX
+ Change transmit hold value to the specified value. This value is used
+ to compute the TTL of transmitted packets which is the product of this
+-value and of the transmit delay. The default value is 4 and therefore
+-the default TTL is 120 seconds.
++value and of the transmit delay. The valid range is 1 through 100. The
++default value is 4 and therefore the default TTL is 120 seconds.
+ .Ed
+ 
+ .Cd configure
+@@ -676,9 +676,10 @@ to shorten the interval between two LLDPDU.
+ .Cd enable
+ should enable LLDP-MED fast start while
+ .Cd tx-interval
+-specifies the interval between two LLDPDU in seconds. The default
+-interval is 1 second. Once 4 LLDPDU have been sent, the fast start
+-mechanism is disabled until a new neighbor is detected.
++specifies the interval between two LLDPDU in seconds. The valid interval
++range is 1 through 3600 in seconds. The default interval is 1 second. Once
++4 LLDPDU have been sent, the fast start mechanism is disabled until a new
++neighbor is detected.
+ .Ed
+ 
+ .Cd unconfigure med fast-start
+diff --git a/src/lib/atoms/config.c b/src/lib/atoms/config.c
+index 8a4af2e8d1cd..305b5861de6e 100644
+--- a/src/lib/atoms/config.c
++++ b/src/lib/atoms/config.c
+@@ -262,11 +262,13 @@ _lldpctl_atom_set_int_config(lldpctl_atom_t *atom, lldpctl_key_t key, long int v
+ 		break;
+ 	case lldpctl_k_config_tx_interval:
+ 		config.c_tx_interval = value * 1000;
+-		if (value > 0) c->config->c_tx_interval = value * 1000;
++		if (value > 0 && value <= 3600 * 1000)
++			c->config->c_tx_interval = value * 1000;
+ 		break;
+ 	case lldpctl_k_config_tx_interval_ms:
+ 		config.c_tx_interval = value;
+-		if (value > 0) c->config->c_tx_interval = value;
++		if (value > 0 && value <= 3600 * 1000)
++			c->config->c_tx_interval = value;
+ 		break;
+ 	case lldpctl_k_config_ifdescr_update:
+ 		config.c_set_ifdescr = c->config->c_set_ifdescr = value;
+@@ -288,12 +290,15 @@ _lldpctl_atom_set_int_config(lldpctl_atom_t *atom, lldpctl_key_t key, long int v
+ 		config.c_enable_fast_start = c->config->c_enable_fast_start = value;
+ 		break;
+ 	case lldpctl_k_config_fast_start_interval:
+-		config.c_tx_fast_interval = c->config->c_tx_fast_interval = value;
++		config.c_tx_fast_interval = value;
++		if (value > 0 && value <= 3600)
++			c->config->c_tx_fast_interval = value;
+ 		break;
+ #endif
+ 	case lldpctl_k_config_tx_hold:
+ 		config.c_tx_hold = value;
+-		if (value > 0) c->config->c_tx_hold = value;
++		if (value > 0 && value <= 100)
++			c->config->c_tx_hold = value;
+ 		break;
+ 	case lldpctl_k_config_max_neighbors:
+ 		config.c_max_neighbors = value;
+-- 
+2.46.0
+

0002-lldpd-limit-tx-ttl-to-65535.patch

@@ -0,0 +1,72 @@
+From a73e04f46ebe3d5e9d0805c52b9e5d0472e65069 Mon Sep 17 00:00:00 2001
+From: Hangbin Liu <liuhangbin@gmail.com>
+Date: Wed, 10 Jul 2024 15:49:32 +0800
+Subject: [PATCH 2/2] lldpd: limit tx ttl to 65535
+
+Based on IEEE 802.1AB(2016) 9.2.5.22 txTTL:
+  During normal operation, txTTL is set to whichever is the smaller of the
+  values represented by Equation (1) and Equation (2):
+      (msgTxInterval x msgTxHold) + 1   (1)
+      65535                             (2)
+
+Reported-by: Matt Lucius <malucius@redhat.com>
+Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
+---
+ src/daemon/client.c | 5 +++--
+ src/daemon/lldpd.c  | 3 ++-
+ 2 files changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/src/daemon/client.c b/src/daemon/client.c
+index d9d907fd74dc..c4894ac112ea 100644
+--- a/src/daemon/client.c
++++ b/src/daemon/client.c
+@@ -18,6 +18,7 @@
+ #include "lldpd.h"
+ #include "trace.h"
+ 
++#include <sys/param.h>
+ #include <sys/utsname.h>
+ 
+ static ssize_t
+@@ -80,7 +81,7 @@ client_handle_set_configuration(struct lldpd *cfg, enum hmsg_type *type, void *i
+ 			cfg->g_config.c_tx_interval = config->c_tx_interval;
+ 			cfg->g_config.c_ttl =
+ 			    cfg->g_config.c_tx_interval * cfg->g_config.c_tx_hold;
+-			cfg->g_config.c_ttl = (cfg->g_config.c_ttl + 999) / 1000;
++			cfg->g_config.c_ttl = MIN((cfg->g_config.c_ttl + 999) / 1000, 65535);
+ 		}
+ 		levent_send_now(cfg);
+ 	}
+@@ -90,7 +91,7 @@ client_handle_set_configuration(struct lldpd *cfg, enum hmsg_type *type, void *i
+ 		cfg->g_config.c_tx_hold = config->c_tx_hold;
+ 		cfg->g_config.c_ttl =
+ 		    cfg->g_config.c_tx_interval * cfg->g_config.c_tx_hold;
+-		cfg->g_config.c_ttl = (cfg->g_config.c_ttl + 999) / 1000;
++		cfg->g_config.c_ttl = MIN((cfg->g_config.c_ttl + 999) / 1000, 65535);
+ 	}
+ 	if (CHANGED(c_max_neighbors) && config->c_max_neighbors > 0) {
+ 		log_debug("rpc", "client change maximum neighbors to %d",
+diff --git a/src/daemon/lldpd.c b/src/daemon/lldpd.c
+index 6b5721e2e336..c3b67c6dfeb2 100644
+--- a/src/daemon/lldpd.c
++++ b/src/daemon/lldpd.c
+@@ -28,6 +28,7 @@
+ #include <time.h>
+ #include <libgen.h>
+ #include <assert.h>
++#include <sys/param.h>
+ #include <sys/utsname.h>
+ #include <sys/types.h>
+ #include <sys/wait.h>
+@@ -1932,7 +1933,7 @@ lldpd_main(int argc, char *argv[], char *envp[])
+ 	cfg->g_config.c_tx_interval = LLDPD_TX_INTERVAL * 1000;
+ 	cfg->g_config.c_tx_hold = LLDPD_TX_HOLD;
+ 	cfg->g_config.c_ttl = cfg->g_config.c_tx_interval * cfg->g_config.c_tx_hold;
+-	cfg->g_config.c_ttl = (cfg->g_config.c_ttl + 999) / 1000;
++	cfg->g_config.c_ttl = MIN((cfg->g_config.c_ttl + 999) / 1000, 65535);
+ 	cfg->g_config.c_max_neighbors = LLDPD_MAX_NEIGHBORS;
+ #ifdef ENABLE_LLDPMED
+ 	cfg->g_config.c_enable_fast_start = enable_fast_start;
+-- 
+2.46.0
+

lldpd.spec

@@ -1,11 +1,10 @@
 Name:     lldpd
 Version:  1.0.18
-Release:  4%{?dist}
+Release:  5%{?dist}
 Summary:  ISC-licensed implementation of LLDP
 
 License:  ISC
 URL:      https://github.com/lldpd/
-# Upstream https://github.com/lldpd/lldpd/archive/v%{version}/%{name}-%{version}.tar.gz
 Source0:  lldpd-%{version}-free.tar.gz
 Source1:  %{name}.service
 Source2:  %{name}-tmpfiles
@@ -14,6 +13,9 @@ Source4:  %{name}-systemd-sysusers.conf
 
 Source100: lldpd-cleanup.sh
 
+Patch1: 0001-client-add-range-restriction-for-tx-hold-and-interva.patch
+Patch2: 0002-lldpd-limit-tx-ttl-to-65535.patch
+
 BuildRequires: check-devel
 BuildRequires: gcc
 BuildRequires: libxml2-devel
@@ -113,6 +115,9 @@ find %{buildroot} -type f -name "*.la" -delete
 %{_libdir}/pkgconfig/lldpctl.pc
 
 %changelog
+* Wed Oct 16 2024 Hangbin Liu <haliu@redhat.com> - 1.0.18-4
+- Add range checking for tx-interval and tx-hold [RHEL-40245]
+
 * Mon May 20 2024 Hangbin Liu <haliu@redhat.com> - 1.0.18-3
 - Add lldpd-devel package [RHEL-22127]