rib: limit route prefix length in rib/register command
refs #4262
Change-Id: I567934419f6872cb0f5a823400f53014b9c6e85e
diff --git a/core/fib-max-depth.hpp b/core/fib-max-depth.hpp
new file mode 100644
index 0000000..af15a97
--- /dev/null
+++ b/core/fib-max-depth.hpp
@@ -0,0 +1,37 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
+/*
+ * Copyright (c) 2014-2018, Regents of the University of California,
+ * Arizona Board of Regents,
+ * Colorado State University,
+ * University Pierre & Marie Curie, Sorbonne University,
+ * Washington University in St. Louis,
+ * Beijing Institute of Technology,
+ * The University of Memphis.
+ *
+ * This file is part of NFD (Named Data Networking Forwarding Daemon).
+ * See AUTHORS.md for complete list of NFD authors and contributors.
+ *
+ * NFD is free software: you can redistribute it and/or modify it under the terms
+ * of the GNU General Public License as published by the Free Software Foundation,
+ * either version 3 of the License, or (at your option) any later version.
+ *
+ * NFD is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
+ * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+ * PURPOSE. See the GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * NFD, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef NFD_CORE_FIB_MAX_DEPTH_HPP
+#define NFD_CORE_FIB_MAX_DEPTH_HPP
+
+namespace nfd {
+
+/** \brief Maximum number of components in a FIB entry prefix.
+ */
+static const int FIB_MAX_DEPTH = 32;
+
+} // namespace nfd
+
+#endif // NFD_CORE_FIB_MAX_DEPTH_HPP
diff --git a/daemon/table/fib.hpp b/daemon/table/fib.hpp
index fc5439f..ac864e8 100644
--- a/daemon/table/fib.hpp
+++ b/daemon/table/fib.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
-/**
- * Copyright (c) 2014-2016, Regents of the University of California,
+/*
+ * Copyright (c) 2014-2018, Regents of the University of California,
* Arizona Board of Regents,
* Colorado State University,
* University Pierre & Marie Curie, Sorbonne University,
@@ -29,6 +29,8 @@
#include "fib-entry.hpp"
#include "name-tree.hpp"
+#include "core/fib-max-depth.hpp"
+
#include <boost/range/adaptor/transformed.hpp>
namespace nfd {
@@ -82,6 +84,17 @@
findExactMatch(const Name& prefix);
public: // mutation
+ /** \brief Maximum number of components in a FIB entry prefix.
+ *
+ * This constant is currently advisory, but will become mandatory later.
+ */
+ static constexpr size_t
+ getMaxDepth()
+ {
+ static_assert(FIB_MAX_DEPTH == NameTree::getMaxDepth(), "");
+ return FIB_MAX_DEPTH;
+ }
+
/** \brief inserts a FIB entry for prefix
*
* If an entry for exact same prefix exists, that entry is returned.
diff --git a/daemon/table/name-tree.hpp b/daemon/table/name-tree.hpp
index 04e504e..805be56 100644
--- a/daemon/table/name-tree.hpp
+++ b/daemon/table/name-tree.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2014-2017, Regents of the University of California,
+ * Copyright (c) 2014-2018, Regents of the University of California,
* Arizona Board of Regents,
* Colorado State University,
* University Pierre & Marie Curie, Sorbonne University,
@@ -50,7 +50,7 @@
* This constant is currently advisory. It is enforced in NameTree::lookup only if
* \p enforceMaxDepth is set to true. This will become mandatory later.
*/
- static size_t
+ static constexpr size_t
getMaxDepth()
{
return 32;
diff --git a/rib/rib-manager.cpp b/rib/rib-manager.cpp
index 71a7cf3..ba89719 100644
--- a/rib/rib-manager.cpp
+++ b/rib/rib-manager.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
-/**
- * Copyright (c) 2014-2017, Regents of the University of California,
+/*
+ * Copyright (c) 2014-2018, Regents of the University of California,
* Arizona Board of Regents,
* Colorado State University,
* University Pierre & Marie Curie, Sorbonne University,
@@ -28,6 +28,7 @@
#include "readvertise/client-to-nlsr-readvertise-policy.hpp"
#include "readvertise/nfd-rib-readvertise-destination.hpp"
+#include "core/fib-max-depth.hpp"
#include "core/logger.hpp"
#include "core/scheduler.hpp"
@@ -198,6 +199,12 @@
ControlParameters parameters,
const ndn::mgmt::CommandContinuation& done)
{
+ if (parameters.getName().size() > FIB_MAX_DEPTH) {
+ done(ControlResponse(414, "Route prefix cannot exceed " + ndn::to_string(FIB_MAX_DEPTH) +
+ " components"));
+ return;
+ }
+
setFaceForSelfRegistration(interest, parameters);
// Respond since command is valid and authorized
diff --git a/tests/rib/rib-manager.t.cpp b/tests/rib/rib-manager.t.cpp
index 7ef0194..e141368 100644
--- a/tests/rib/rib-manager.t.cpp
+++ b/tests/rib/rib-manager.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
-/**
- * Copyright (c) 2014-2017, Regents of the University of California,
+/*
+ * Copyright (c) 2014-2018, Regents of the University of California,
* Arizona Board of Regents,
* Colorado State University,
* University Pierre & Marie Curie, Sorbonne University,
@@ -25,6 +25,7 @@
#include "rib/rib-manager.hpp"
#include "manager-common-fixture.hpp"
+#include "core/fib-max-depth.hpp"
#include <ndn-cxx/lp/tags.hpp>
#include <ndn-cxx/mgmt/nfd/face-event-notification.hpp>
@@ -422,6 +423,25 @@
BOOST_CHECK_EQUAL(checkCommand(0, "add-nexthop", paramsRegister), CheckCommandResult::OK);
}
+BOOST_AUTO_TEST_CASE(NameTooLong)
+{
+ Name prefix;
+ while (prefix.size() <= FIB_MAX_DEPTH) {
+ prefix.append("A");
+ }
+ auto params = makeRegisterParameters(prefix, 2899);
+ auto command = makeControlCommandRequest("/localhost/nfd/rib/register", params);
+ receiveInterest(command);
+
+ BOOST_REQUIRE_EQUAL(m_responses.size(), 1);
+ BOOST_CHECK_EQUAL(checkResponse(0, command.getName(), ControlResponse(414,
+ "Route prefix cannot exceed " + ndn::to_string(FIB_MAX_DEPTH) +
+ " components")),
+ CheckResponseResult::OK);
+
+ BOOST_CHECK_EQUAL(m_commands.size(), 0);
+}
+
BOOST_AUTO_TEST_SUITE_END() // RegisterUnregister
BOOST_FIXTURE_TEST_CASE(RibDataset, UnauthorizedRibManagerFixture)