File quagga-CVE-2017-16227-bgpd-Fix-AS_PATH-size-calculation.patch of Package quagga

From 7a42b78be9a4108d98833069a88e6fddb9285008 Mon Sep 17 00:00:00 2001
From: Andreas Jaggi <aj@open.ch>
Date: Mon, 2 Oct 2017 19:38:43 +0530
Upstream: yes
References: CVE-2017-16227,bsc#1065641
Subject: [PATCH] bgpd: Fix AS_PATH size calculation for long paths

If you have an AS_PATH with more entries than
what can be written into a single AS_SEGMENT_MAX
it needs to be broken up.  The code that noticed
that the AS_PATH needs to be broken up was not
correctly calculating the size of the resulting
message.  This patch addresses this issue.
---
 bgpd/bgp_aspath.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bgpd/bgp_aspath.c b/bgpd/bgp_aspath.c
index b7af5e88..d813bfba 100644
--- a/bgpd/bgp_aspath.c
+++ b/bgpd/bgp_aspath.c
@@ -903,7 +903,7 @@ aspath_put (struct stream *s, struct aspath *as, int use32bit )
               assegment_header_put (s, seg->type, AS_SEGMENT_MAX);
               assegment_data_put (s, seg->as, AS_SEGMENT_MAX, use32bit);
               written += AS_SEGMENT_MAX;
-              bytes += ASSEGMENT_SIZE (written, use32bit);
+              bytes += ASSEGMENT_SIZE (AS_SEGMENT_MAX, use32bit);
             }
           
           /* write the final segment, probably is also the first */
-- 
2.13.6