diff --git a/bgpd/bgp_evpn.c b/bgpd/bgp_evpn.c index 20955fb83c..d3107552ba 100644 --- a/bgpd/bgp_evpn.c +++ b/bgpd/bgp_evpn.c @@ -2051,7 +2051,7 @@ static void evpn_mpattr_encode_type5(struct stream *s, struct prefix *p, /* Prefix contains RD, ESI, EthTag, IP length, IP, GWIP and VNI */ stream_putc(s, 8 + 10 + 4 + 1 + len + 3); stream_put(s, prd->val, 8); - if (attr && attr) + if (attr) stream_put(s, &(attr->evpn_overlay.eth_s_id), 10); else stream_put(s, &temp, 10); @@ -2061,7 +2061,7 @@ static void evpn_mpattr_encode_type5(struct stream *s, struct prefix *p, stream_put_ipv4(s, p_evpn_p->ip.ipaddr_v4.s_addr); else stream_put(s, &p_evpn_p->ip.ipaddr_v6, 16); - if (attr && attr) { + if (attr) { if (IS_IPADDR_V4(&p_evpn_p->ip)) stream_put_ipv4(s, attr->evpn_overlay.gw_ip.ipv4.s_addr); diff --git a/bgpd/bgp_route.c b/bgpd/bgp_route.c index de6d643657..aafd173a7b 100644 --- a/bgpd/bgp_route.c +++ b/bgpd/bgp_route.c @@ -10345,10 +10345,6 @@ static int bgp_show_neighbor_route(struct vty *vty, struct peer *peer, return CMD_WARNING; } - /* labeled-unicast routes live in the unicast table */ - if (safi == SAFI_LABELED_UNICAST) - safi = SAFI_UNICAST; - return bgp_show(vty, peer->bgp, afi, safi, type, &peer->su, use_json); } diff --git a/bgpd/bgp_routemap.c b/bgpd/bgp_routemap.c index 5a5d2a5d5d..602bacde28 100644 --- a/bgpd/bgp_routemap.c +++ b/bgpd/bgp_routemap.c @@ -658,8 +658,10 @@ static void *route_match_vni_compile(const char *arg) return NULL; *vni = strtoul(arg, &end, 10); - if (*end != '\0') + if (*end != '\0') { + XFREE(MTYPE_ROUTE_MAP_COMPILED, vni); return NULL; + } return vni; } @@ -2669,25 +2671,27 @@ static int bgp_route_match_add(struct vty *vty, const char *command, const char *arg, route_map_event_t type) { VTY_DECLVAR_CONTEXT(route_map_index, index); + int retval = CMD_SUCCESS; int ret; ret = route_map_add_match(index, command, arg); - if (ret) { - switch (ret) { - case RMAP_RULE_MISSING: - vty_out(vty, "%% BGP Can't find rule.\n"); - return CMD_WARNING_CONFIG_FAILED; - case RMAP_COMPILE_ERROR: - vty_out(vty, "%% BGP Argument is malformed.\n"); - return CMD_WARNING_CONFIG_FAILED; + switch (ret) { + case RMAP_RULE_MISSING: + vty_out(vty, "%% BGP Can't find rule.\n"); + retval = CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_ERROR: + vty_out(vty, "%% BGP Argument is malformed.\n"); + retval = CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_SUCCESS: + if (type != RMAP_EVENT_MATCH_ADDED) { + route_map_upd8_dependency(type, arg, index->map->name); } + break; } - if (type != RMAP_EVENT_MATCH_ADDED) { - route_map_upd8_dependency(type, arg, index->map->name); - } - - return CMD_SUCCESS; + return retval; } /* Delete bgp route map rule. */ @@ -2696,6 +2700,7 @@ static int bgp_route_match_delete(struct vty *vty, const char *command, { VTY_DECLVAR_CONTEXT(route_map_index, index); int ret; + int retval = CMD_SUCCESS; char *dep_name = NULL; const char *tmpstr; char *rmap_name = NULL; @@ -2714,31 +2719,27 @@ static int bgp_route_match_delete(struct vty *vty, const char *command, } ret = route_map_delete_match(index, command, dep_name); - if (ret) { - switch (ret) { - case RMAP_RULE_MISSING: - vty_out(vty, "%% BGP Can't find rule.\n"); - break; - case RMAP_COMPILE_ERROR: - vty_out(vty, "%% BGP Argument is malformed.\n"); - break; - } - if (dep_name) - XFREE(MTYPE_ROUTE_MAP_RULE, dep_name); - if (rmap_name) - XFREE(MTYPE_ROUTE_MAP_NAME, rmap_name); - return CMD_WARNING_CONFIG_FAILED; + switch (ret) { + case RMAP_RULE_MISSING: + vty_out(vty, "%% BGP Can't find rule.\n"); + retval = CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_ERROR: + vty_out(vty, "%% BGP Argument is malformed.\n"); + retval = CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_SUCCESS: + if (type != RMAP_EVENT_MATCH_DELETED && dep_name) + route_map_upd8_dependency(type, dep_name, rmap_name); + break; } - if (type != RMAP_EVENT_MATCH_DELETED && dep_name) - route_map_upd8_dependency(type, dep_name, rmap_name); - if (dep_name) XFREE(MTYPE_ROUTE_MAP_RULE, dep_name); if (rmap_name) XFREE(MTYPE_ROUTE_MAP_NAME, rmap_name); - return CMD_SUCCESS; + return retval; } /* diff --git a/bgpd/rfapi/bgp_rfapi_cfg.c b/bgpd/rfapi/bgp_rfapi_cfg.c index c8e2dd9525..e3b446f76a 100644 --- a/bgpd/rfapi/bgp_rfapi_cfg.c +++ b/bgpd/rfapi/bgp_rfapi_cfg.c @@ -2977,11 +2977,6 @@ DEFUN_NOSH (vnc_vrf_policy, struct rfapi_nve_group_cfg *rfg; VTY_DECLVAR_CONTEXT(bgp, bgp); - if (!bgp) { - vty_out(vty, "No BGP process is configured\n"); - return CMD_WARNING_CONFIG_FAILED; - } - /* Search for name */ rfg = bgp_rfapi_cfg_match_byname(bgp, argv[1]->arg, RFAPI_GROUP_CFG_VRF); @@ -3012,10 +3007,6 @@ DEFUN (vnc_no_vrf_policy, { VTY_DECLVAR_CONTEXT(bgp, bgp); - if (!bgp) { - vty_out(vty, "No BGP process is configured\n"); - return CMD_WARNING_CONFIG_FAILED; - } return bgp_rfapi_delete_named_nve_group(vty, bgp, argv[2]->arg, RFAPI_GROUP_CFG_VRF); } @@ -3031,11 +3022,6 @@ DEFUN (vnc_vrf_policy_label, uint32_t label; VTY_DECLVAR_CONTEXT(bgp, bgp); - if (!bgp) { - vty_out(vty, "No BGP process is configured\n"); - return CMD_WARNING_CONFIG_FAILED; - } - /* make sure it's still in list */ if (!listnode_lookup(bgp->rfapi_cfg->nve_groups_sequential, rfg)) { /* Not in list anymore */ @@ -3145,11 +3131,6 @@ DEFUN (vnc_vrf_policy_rt_import, int is_export_bgp = 0; int is_export_zebra = 0; - if (!bgp) { - vty_out(vty, "No BGP process is configured\n"); - return CMD_WARNING_CONFIG_FAILED; - } - /* make sure it's still in list */ if (!listnode_lookup(bgp->rfapi_cfg->nve_groups_sequential, rfg)) { /* Not in list anymore */ @@ -3213,11 +3194,6 @@ DEFUN (vnc_vrf_policy_rt_export, VTY_DECLVAR_CONTEXT(bgp, bgp); int rc; - if (!bgp) { - vty_out(vty, "No BGP process is configured\n"); - return CMD_WARNING_CONFIG_FAILED; - } - /* make sure it's still in list */ if (!listnode_lookup(bgp->rfapi_cfg->nve_groups_sequential, rfg)) { /* Not in list anymore */ @@ -3253,11 +3229,6 @@ DEFUN (vnc_vrf_policy_rt_both, struct listnode *node; struct rfapi_rfg_name *rfgn; - if (!bgp) { - vty_out(vty, "No BGP process is configured\n"); - return CMD_WARNING_CONFIG_FAILED; - } - /* make sure it's still in list */ if (!listnode_lookup(bgp->rfapi_cfg->nve_groups_sequential, rfg)) { /* Not in list anymore */ @@ -3333,11 +3304,6 @@ DEFUN (vnc_vrf_policy_rd, VTY_DECLVAR_CONTEXT_SUB(rfapi_nve_group_cfg, rfg); VTY_DECLVAR_CONTEXT(bgp, bgp); - if (!bgp) { - vty_out(vty, "No BGP process is configured\n"); - return CMD_WARNING_CONFIG_FAILED; - } - /* make sure it's still in list */ if (!listnode_lookup(bgp->rfapi_cfg->nve_groups_sequential, rfg)) { /* Not in list anymore */ @@ -3420,11 +3386,6 @@ DEFUN_NOSH (vnc_l2_group, struct rfapi_l2_group_cfg *rfg; VTY_DECLVAR_CONTEXT(bgp, bgp); - if (!bgp) { - vty_out(vty, "No BGP process is configured\n"); - return CMD_WARNING_CONFIG_FAILED; - } - /* Search for name */ rfg = rfapi_l2_group_lookup_byname(bgp, argv[1]->arg); @@ -3505,10 +3466,6 @@ DEFUN (vnc_no_l2_group, { VTY_DECLVAR_CONTEXT(bgp, bgp); - if (!bgp) { - vty_out(vty, "No BGP process is configured\n"); - return CMD_WARNING_CONFIG_FAILED; - } return bgp_rfapi_delete_named_l2_group(vty, bgp, argv[3]->arg); } @@ -3522,11 +3479,6 @@ DEFUN (vnc_l2_group_lni, VTY_DECLVAR_CONTEXT_SUB(rfapi_l2_group_cfg, rfg); VTY_DECLVAR_CONTEXT(bgp, bgp); - if (!bgp) { - vty_out(vty, "No BGP process is configured\n"); - return CMD_WARNING_CONFIG_FAILED; - } - /* make sure it's still in list */ if (!listnode_lookup(bgp->rfapi_cfg->l2_groups, rfg)) { /* Not in list anymore */ @@ -3549,11 +3501,6 @@ DEFUN (vnc_l2_group_labels, VTY_DECLVAR_CONTEXT(bgp, bgp); struct list *ll; - if (!bgp) { - vty_out(vty, "No BGP process is configured\n"); - return CMD_WARNING_CONFIG_FAILED; - } - /* make sure it's still in list */ if (!listnode_lookup(bgp->rfapi_cfg->l2_groups, rfg)) { /* Not in list anymore */ @@ -3589,11 +3536,6 @@ DEFUN (vnc_l2_group_no_labels, VTY_DECLVAR_CONTEXT(bgp, bgp); struct list *ll; - if (!bgp) { - vty_out(vty, "No BGP process is configured\n"); - return CMD_WARNING_CONFIG_FAILED; - } - /* make sure it's still in list */ if (!listnode_lookup(bgp->rfapi_cfg->l2_groups, rfg)) { /* Not in list anymore */ @@ -3646,10 +3588,6 @@ DEFUN (vnc_l2_group_rt, vty_out(vty, "Unknown option, %s\n", argv[1]->arg); return CMD_ERR_NO_MATCH; } - if (!bgp) { - vty_out(vty, "No BGP process is configured\n"); - return CMD_WARNING_CONFIG_FAILED; - } /* make sure it's still in list */ if (!listnode_lookup(bgp->rfapi_cfg->l2_groups, rfg)) { diff --git a/bgpd/rfapi/rfapi_import.c b/bgpd/rfapi/rfapi_import.c index d63975a22b..3f427c3903 100644 --- a/bgpd/rfapi/rfapi_import.c +++ b/bgpd/rfapi/rfapi_import.c @@ -3875,10 +3875,9 @@ rfapiBgpInfoFilteredImportFunction(safi_t safi) default: /* not expected */ + zlog_err("%s: bad safi %d", __func__, safi); return NULL; } - zlog_err("%s: bad safi %d", __func__, safi); - return NULL; } void rfapiProcessUpdate(struct peer *peer, diff --git a/eigrpd/eigrp_dump.c b/eigrpd/eigrp_dump.c index 74515c98cb..98c72668fc 100644 --- a/eigrpd/eigrp_dump.c +++ b/eigrpd/eigrp_dump.c @@ -295,11 +295,13 @@ void show_ip_eigrp_prefix_entry(struct vty *vty, struct eigrp_prefix_entry *tn) vty_out(vty, "%s, ", prefix2str(tn->destination, buffer, PREFIX_STRLEN)); - vty_out(vty, "%u successors, ", successors->count); + vty_out(vty, "%u successors, ", + (successors) ? successors->count : 0); vty_out(vty, "FD is %u, serno: %" PRIu64 " \n", tn->fdistance, tn->serno); - list_delete(successors); + if (successors) + list_delete(successors); } void show_ip_eigrp_neighbor_entry(struct vty *vty, struct eigrp *eigrp, diff --git a/eigrpd/eigrp_hello.c b/eigrpd/eigrp_hello.c index ef10ebf54c..49647c6b85 100644 --- a/eigrpd/eigrp_hello.c +++ b/eigrpd/eigrp_hello.c @@ -412,11 +412,15 @@ void eigrp_sw_version_initialize(void) { char ver_string[] = VERSION; char *dash = strstr(ver_string, "-"); + int ret; if (dash) dash[0] = '\0'; - sscanf(ver_string, "%d.%d", &FRR_MAJOR, &FRR_MINOR); + ret = sscanf(ver_string, "%d.%d", &FRR_MAJOR, &FRR_MINOR); + if (ret != 2) + zlog_err("Did not Properly parse %s, please fix VERSION string", + VERSION); } /** diff --git a/eigrpd/eigrp_interface.c b/eigrpd/eigrp_interface.c index aa59516002..ee3e2217b3 100644 --- a/eigrpd/eigrp_interface.c +++ b/eigrpd/eigrp_interface.c @@ -249,15 +249,14 @@ int eigrp_if_up(struct eigrp_interface *ei) struct eigrp_metrics metric; struct eigrp_interface *ei2; struct listnode *node, *nnode; - struct eigrp *eigrp = eigrp_lookup(); + struct eigrp *eigrp; if (ei == NULL) return 0; - if (eigrp != NULL) - eigrp_adjust_sndbuflen(eigrp, ei->ifp->mtu); - else - zlog_warn("%s: eigrp_lookup () returned NULL", __func__); + eigrp = ei->eigrp; + eigrp_adjust_sndbuflen(eigrp, ei->ifp->mtu); + eigrp_if_stream_set(ei); /* Set multicast memberships appropriately for new state. */ diff --git a/eigrpd/eigrp_packet.c b/eigrpd/eigrp_packet.c index 68e7cdcbbe..8a7d4d9587 100644 --- a/eigrpd/eigrp_packet.c +++ b/eigrpd/eigrp_packet.c @@ -193,6 +193,12 @@ int eigrp_check_md5_digest(struct stream *s, if (keychain) key = key_lookup_for_send(keychain); + if (!key) { + zlog_warn("Interface %s: Expected key value not found in config", + nbr->ei->ifp->name); + return 0; + } + memset(&ctx, 0, sizeof(ctx)); MD5Init(&ctx); @@ -229,8 +235,7 @@ int eigrp_check_md5_digest(struct stream *s, } /* save neighbor's crypt_seqnum */ - if (nbr) - nbr->crypt_seqnum = authTLV->key_sequence; + nbr->crypt_seqnum = authTLV->key_sequence; return 1; } @@ -240,10 +245,11 @@ int eigrp_make_sha256_digest(struct eigrp_interface *ei, struct stream *s, { struct key *key = NULL; struct keychain *keychain; - char *source_ip; + char source_ip[PREFIX_STRLEN]; unsigned char digest[EIGRP_AUTH_TYPE_SHA256_LEN]; unsigned char buffer[1 + PLAINTEXT_LENGTH + 45 + 1] = {0}; + HMAC_SHA256_CTX ctx; void *ibuf; size_t backup_get, backup_end; @@ -263,11 +269,13 @@ int eigrp_make_sha256_digest(struct eigrp_interface *ei, struct stream *s, if (keychain) key = key_lookup_for_send(keychain); - // saved_len[index] = strnzcpyn(saved_key[index], key, - // PLAINTEXT_LENGTH + 1); + if (!key) { + zlog_warn("Interface %s: Expected key value not found in config", + ei->ifp->name); + return 0; + } - source_ip = calloc(16, sizeof(char)); - inet_ntop(AF_INET, &ei->address->u.prefix4, source_ip, 16); + inet_ntop(AF_INET, &ei->address->u.prefix4, source_ip, PREFIX_STRLEN); memset(&ctx, 0, sizeof(ctx)); buffer[0] = '\n'; @@ -287,7 +295,6 @@ int eigrp_make_sha256_digest(struct eigrp_interface *ei, struct stream *s, stream_set_endp(s, backup_end); eigrp_authTLV_SHA256_free(auth_TLV); - free(source_ip); return EIGRP_AUTH_TYPE_SHA256_LEN; } @@ -613,10 +620,10 @@ int eigrp_read(struct thread *thread) opcode = eigrph->opcode; if (IS_DEBUG_EIGRP_TRANSMIT(0, RECV)) { - char src[100], dst[100]; + char src[PREFIX_STRLEN], dst[PREFIX_STRLEN]; - strcpy(src, inet_ntoa(iph->ip_src)); - strcpy(dst, inet_ntoa(iph->ip_dst)); + strncpy(src, inet_ntoa(iph->ip_src), PREFIX_STRLEN); + strncpy(dst, inet_ntoa(iph->ip_dst), PREFIX_STRLEN); zlog_debug("Received [%s][%d/%d] length [%u] via [%s] src [%s] dst [%s]", lookup_msg(eigrp_packet_type_str, opcode, NULL), ntohl(eigrph->sequence), ntohl(eigrph->ack), length, diff --git a/eigrpd/eigrp_routemap.c b/eigrpd/eigrp_routemap.c index b645ed1987..360e28adf7 100644 --- a/eigrpd/eigrp_routemap.c +++ b/eigrpd/eigrp_routemap.c @@ -137,16 +137,19 @@ static int eigrp_route_match_add(struct vty *vty, struct route_map_index *index, { int ret; ret = route_map_add_match(index, command, arg); - if (ret) { - switch (ret) { - case RMAP_RULE_MISSING: - vty_out(vty, "%% Can't find rule.\n"); - return CMD_WARNING_CONFIG_FAILED; - case RMAP_COMPILE_ERROR: - vty_out(vty, "%% Argument is malformed.\n"); - return CMD_WARNING_CONFIG_FAILED; - } + switch (ret) { + case RMAP_RULE_MISSING: + vty_out(vty, "%% Can't find rule.\n"); + return CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_ERROR: + vty_out(vty, "%% Argument is malformed.\n"); + return CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_SUCCESS: + break; } + return CMD_SUCCESS; } @@ -157,16 +160,19 @@ static int eigrp_route_match_delete(struct vty *vty, { int ret; ret = route_map_delete_match(index, command, arg); - if (ret) { - switch (ret) { - case RMAP_RULE_MISSING: - vty_out(vty, "%% Can't find rule.\n"); - return CMD_WARNING_CONFIG_FAILED; - case RMAP_COMPILE_ERROR: - vty_out(vty, "%% Argument is malformed.\n"); - return CMD_WARNING_CONFIG_FAILED; - } + switch (ret) { + case RMAP_RULE_MISSING: + vty_out(vty, "%% Can't find rule.\n"); + return CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_ERROR: + vty_out(vty, "%% Argument is malformed.\n"); + return CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_SUCCESS: + break; } + return CMD_SUCCESS; } @@ -177,25 +183,27 @@ static int eigrp_route_set_add(struct vty *vty, struct route_map_index *index, int ret; ret = route_map_add_set(index, command, arg); - if (ret) { - switch (ret) { - case RMAP_RULE_MISSING: - vty_out(vty, "%% Can't find rule.\n"); + switch (ret) { + case RMAP_RULE_MISSING: + vty_out(vty, "%% Can't find rule.\n"); + return CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_ERROR: + /* + * rip, ripng and other protocols share the set metric command + * but only values from 0 to 16 are valid for rip and ripng + * if metric is out of range for rip and ripng, it is + * not for other protocols. Do not return an error + */ + if (strcmp(command, "metric")) { + vty_out(vty, "%% Argument is malformed.\n"); return CMD_WARNING_CONFIG_FAILED; - case RMAP_COMPILE_ERROR: - /* rip, ripng and other protocols share the set metric - command - but only values from 0 to 16 are valid for rip and - ripng - if metric is out of range for rip and ripng, it is - not for - other protocols. Do not return an error */ - if (strcmp(command, "metric")) { - vty_out(vty, "%% Argument is malformed.\n"); - return CMD_WARNING_CONFIG_FAILED; - } } + break; + case RMAP_COMPILE_SUCCESS: + break; } + return CMD_SUCCESS; } @@ -207,16 +215,19 @@ static int eigrp_route_set_delete(struct vty *vty, int ret; ret = route_map_delete_set(index, command, arg); - if (ret) { - switch (ret) { - case RMAP_RULE_MISSING: - vty_out(vty, "%% Can't find rule.\n"); - return CMD_WARNING_CONFIG_FAILED; - case RMAP_COMPILE_ERROR: - vty_out(vty, "%% Argument is malformed.\n"); - return CMD_WARNING_CONFIG_FAILED; - } + switch (ret) { + case RMAP_RULE_MISSING: + vty_out(vty, "%% Can't find rule.\n"); + return CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_ERROR: + vty_out(vty, "%% Argument is malformed.\n"); + return CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_SUCCESS: + break; } + return CMD_SUCCESS; } diff --git a/eigrpd/eigrp_topology.c b/eigrpd/eigrp_topology.c index 64e65b694c..8390bfc66e 100644 --- a/eigrpd/eigrp_topology.c +++ b/eigrpd/eigrp_topology.c @@ -444,7 +444,7 @@ void eigrp_topology_update_node_flags(struct eigrp_prefix_entry *dest) for (ALL_LIST_ELEMENTS_RO(dest->entries, node, entry)) { if (((uint64_t)entry->distance - <= (uint64_t)(dest->distance * eigrp->variance)) + <= (uint64_t)dest->distance * (uint64_t)eigrp->variance) && entry->distance != EIGRP_MAX_METRIC) // is successor { entry->flags |= EIGRP_NEIGHBOR_ENTRY_SUCCESSOR_FLAG; diff --git a/eigrpd/eigrp_update.c b/eigrpd/eigrp_update.c index d6a1134124..430068496b 100644 --- a/eigrpd/eigrp_update.c +++ b/eigrpd/eigrp_update.c @@ -443,6 +443,9 @@ void eigrp_update_receive(struct eigrp *eigrp, struct ip *iph, eigrp_query_send_all(eigrp); eigrp_update_send_all(eigrp, ei); + + if (nbr_prefixes) + list_delete(nbr_prefixes); } /*send EIGRP Update packet*/ diff --git a/eigrpd/eigrp_vty.c b/eigrpd/eigrp_vty.c index 5c657b6db5..de21cb2e73 100644 --- a/eigrpd/eigrp_vty.c +++ b/eigrpd/eigrp_vty.c @@ -1267,7 +1267,11 @@ DEFUN (clear_ip_eigrp_neighbors_IP, struct eigrp_neighbor *nbr; struct in_addr nbr_addr; - inet_aton(argv[4]->arg, &nbr_addr); + if (!inet_aton(argv[4]->arg, &nbr_addr)) { + vty_out(vty, "Unable to parse %s", + argv[4]->arg); + return CMD_WARNING; + } /* Check if eigrp process is enabled */ eigrp = eigrp_lookup(); @@ -1370,7 +1374,11 @@ DEFUN (clear_ip_eigrp_neighbors_IP_soft, struct eigrp_neighbor *nbr; struct in_addr nbr_addr; - inet_aton(argv[4]->arg, &nbr_addr); + if (!inet_aton(argv[4]->arg, &nbr_addr)) { + vty_out(vty, "Unable to parse: %s", + argv[4]->arg); + return CMD_WARNING; + } /* Check if eigrp process is enabled */ eigrp = eigrp_lookup(); diff --git a/lib/routemap.c b/lib/routemap.c index a70248633c..409c9c3780 100644 --- a/lib/routemap.c +++ b/lib/routemap.c @@ -416,23 +416,25 @@ int generic_match_add(struct vty *vty, struct route_map_index *index, int ret; ret = route_map_add_match(index, command, arg); - if (ret) { - switch (ret) { - case RMAP_RULE_MISSING: - vty_out(vty, "%% [%s] Can't find rule.\n", - frr_protonameinst); - return CMD_WARNING_CONFIG_FAILED; - case RMAP_COMPILE_ERROR: - vty_out(vty, - "%% [%s] Argument form is unsupported or malformed.\n", - frr_protonameinst); - return CMD_WARNING_CONFIG_FAILED; + switch (ret) { + case RMAP_COMPILE_SUCCESS: + if (type != RMAP_EVENT_MATCH_ADDED) { + route_map_upd8_dependency(type, arg, index->map->name); } + break; + case RMAP_RULE_MISSING: + vty_out(vty, "%% [%s] Can't find rule.\n", + frr_protonameinst); + return CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_ERROR: + vty_out(vty, + "%% [%s] Argument form is unsupported or malformed.\n", + frr_protonameinst); + return CMD_WARNING_CONFIG_FAILED; + break; } - if (type != RMAP_EVENT_MATCH_ADDED) { - route_map_upd8_dependency(type, arg, index->map->name); - } return CMD_SUCCESS; } @@ -441,6 +443,7 @@ int generic_match_delete(struct vty *vty, struct route_map_index *index, route_map_event_t type) { int ret; + int retval = CMD_SUCCESS; char *dep_name = NULL; const char *tmpstr; char *rmap_name = NULL; @@ -459,34 +462,30 @@ int generic_match_delete(struct vty *vty, struct route_map_index *index, } ret = route_map_delete_match(index, command, dep_name); - if (ret) { - switch (ret) { - case RMAP_RULE_MISSING: - vty_out(vty, "%% [%s] Can't find rule.\n", - frr_protonameinst); - break; - case RMAP_COMPILE_ERROR: - vty_out(vty, - "%% [%s] Argument form is unsupported or malformed.\n", - frr_protonameinst); - break; - } - if (dep_name) - XFREE(MTYPE_ROUTE_MAP_RULE, dep_name); - if (rmap_name) - XFREE(MTYPE_ROUTE_MAP_NAME, rmap_name); - return CMD_WARNING_CONFIG_FAILED; + switch (ret) { + case RMAP_RULE_MISSING: + vty_out(vty, "%% [%s] Can't find rule.\n", + frr_protonameinst); + retval = CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_ERROR: + vty_out(vty, + "%% [%s] Argument form is unsupported or malformed.\n", + frr_protonameinst); + retval = CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_SUCCESS: + if (type != RMAP_EVENT_MATCH_DELETED && dep_name) + route_map_upd8_dependency(type, dep_name, rmap_name); + break; } - if (type != RMAP_EVENT_MATCH_DELETED && dep_name) - route_map_upd8_dependency(type, dep_name, rmap_name); - if (dep_name) XFREE(MTYPE_ROUTE_MAP_RULE, dep_name); if (rmap_name) XFREE(MTYPE_ROUTE_MAP_NAME, rmap_name); - return CMD_SUCCESS; + return retval; } int generic_set_add(struct vty *vty, struct route_map_index *index, @@ -495,19 +494,22 @@ int generic_set_add(struct vty *vty, struct route_map_index *index, int ret; ret = route_map_add_set(index, command, arg); - if (ret) { - switch (ret) { - case RMAP_RULE_MISSING: - vty_out(vty, "%% [%s] Can't find rule.\n", - frr_protonameinst); - return CMD_WARNING_CONFIG_FAILED; - case RMAP_COMPILE_ERROR: - vty_out(vty, - "%% [%s] Argument form is unsupported or malformed.\n", - frr_protonameinst); - return CMD_WARNING_CONFIG_FAILED; - } + switch (ret) { + case RMAP_RULE_MISSING: + vty_out(vty, "%% [%s] Can't find rule.\n", + frr_protonameinst); + return CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_ERROR: + vty_out(vty, + "%% [%s] Argument form is unsupported or malformed.\n", + frr_protonameinst); + return CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_SUCCESS: + break; } + return CMD_SUCCESS; } @@ -517,19 +519,22 @@ int generic_set_delete(struct vty *vty, struct route_map_index *index, int ret; ret = route_map_delete_set(index, command, arg); - if (ret) { - switch (ret) { - case RMAP_RULE_MISSING: - vty_out(vty, "%% [%s] Can't find rule.\n", - frr_protonameinst); - return CMD_WARNING_CONFIG_FAILED; - case RMAP_COMPILE_ERROR: - vty_out(vty, - "%% [%s] Argument form is unsupported or malformed.\n", - frr_protonameinst); - return CMD_WARNING_CONFIG_FAILED; - } + switch (ret) { + case RMAP_RULE_MISSING: + vty_out(vty, "%% [%s] Can't find rule.\n", + frr_protonameinst); + return CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_ERROR: + vty_out(vty, + "%% [%s] Argument form is unsupported or malformed.\n", + frr_protonameinst); + return CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_SUCCESS: + break; } + return CMD_SUCCESS; } @@ -1217,7 +1222,7 @@ int route_map_add_match(struct route_map_index *index, const char *match_name, RMAP_EVENT_CALL_ADDED); } - return 0; + return RMAP_COMPILE_SUCCESS; } /* Delete specified route match rule. */ @@ -1304,7 +1309,7 @@ int route_map_add_set(struct route_map_index *index, const char *set_name, route_map_notify_dependencies(index->map->name, RMAP_EVENT_CALL_ADDED); } - return 0; + return RMAP_COMPILE_SUCCESS; } /* Delete route map set rule. */ @@ -2201,7 +2206,7 @@ DEFUN (no_set_ip_nexthop, "Next hop address\n" "IP address of next hop\n") { - int idx; + int idx = 0; VTY_DECLVAR_CONTEXT(route_map_index, index); const char *arg = NULL; diff --git a/lib/routemap.h b/lib/routemap.h index 43af8dbcfe..b166de1e09 100644 --- a/lib/routemap.h +++ b/lib/routemap.h @@ -99,8 +99,10 @@ struct route_map_rule_cmd { /* Route map apply error. */ enum { + RMAP_COMPILE_SUCCESS, + /* Route map rule is missing. */ - RMAP_RULE_MISSING = 1, + RMAP_RULE_MISSING, /* Route map rule can't compile */ RMAP_COMPILE_ERROR diff --git a/ospf6d/ospf6_asbr.c b/ospf6d/ospf6_asbr.c index dd3630af16..de20fbc3ab 100644 --- a/ospf6d/ospf6_asbr.c +++ b/ospf6d/ospf6_asbr.c @@ -985,21 +985,20 @@ static struct route_map_rule_cmd ospf6_routemap_rule_set_tag_cmd = { static int route_map_command_status(struct vty *vty, int ret) { - if (!ret) - return CMD_SUCCESS; - switch (ret) { case RMAP_RULE_MISSING: vty_out(vty, "OSPF6 Can't find rule.\n"); + return CMD_WARNING_CONFIG_FAILED; break; case RMAP_COMPILE_ERROR: vty_out(vty, "OSPF6 Argument is malformed.\n"); + return CMD_WARNING_CONFIG_FAILED; break; - default: - vty_out(vty, "OSPF6 route-map add set failed.\n"); + case RMAP_COMPILE_SUCCESS: break; } - return CMD_WARNING_CONFIG_FAILED; + + return CMD_SUCCESS; } /* add "set metric-type" */ diff --git a/ospf6d/ospf6_zebra.c b/ospf6d/ospf6_zebra.c index ae08384559..2372bc54b7 100644 --- a/ospf6d/ospf6_zebra.c +++ b/ospf6d/ospf6_zebra.c @@ -231,11 +231,7 @@ static int ospf6_zebra_read_route(int command, struct zclient *zclient, char prefixstr[PREFIX2STR_BUFFER], nexthopstr[128]; prefix2str((struct prefix *)&api.prefix, prefixstr, sizeof(prefixstr)); - if (nexthop) - inet_ntop(AF_INET6, nexthop, nexthopstr, - sizeof(nexthopstr)); - else - snprintf(nexthopstr, sizeof(nexthopstr), "::"); + inet_ntop(AF_INET6, nexthop, nexthopstr, sizeof(nexthopstr)); zlog_debug( "Zebra Receive route %s: %s %s nexthop %s ifindex %ld tag %" ROUTE_TAG_PRI, diff --git a/ospfd/ospf_te.c b/ospfd/ospf_te.c index 1c1c76c1af..5517008909 100644 --- a/ospfd/ospf_te.c +++ b/ospfd/ospf_te.c @@ -2425,7 +2425,7 @@ DEFUN (show_ip_ospf_mpls_te_router, if (ntohs(OspfMplsTE.router_addr.header.type) != 0) show_vty_router_addr(vty, &OspfMplsTE.router_addr.header); - else if (vty != NULL) + else vty_out(vty, " N/A\n"); } return CMD_SUCCESS; diff --git a/ospfd/ospf_vty.c b/ospfd/ospf_vty.c index dc7af5a848..c2a55d9b37 100644 --- a/ospfd/ospf_vty.c +++ b/ospfd/ospf_vty.c @@ -2310,7 +2310,10 @@ DEFUN (ospf_neighbor, unsigned int priority = OSPF_NEIGHBOR_PRIORITY_DEFAULT; unsigned int interval = OSPF_POLL_INTERVAL_DEFAULT; - inet_aton(argv[idx_ipv4]->arg, &nbr_addr); + if (!inet_aton(argv[idx_ipv4]->arg, &nbr_addr)) { + vty_out(vty, "Please specify Neighbor ID by A.B.C.D\n"); + return CMD_WARNING_CONFIG_FAILED; + } if (argc > 2) priority = strtoul(argv[idx_pri]->arg, NULL, 10); @@ -2347,7 +2350,10 @@ DEFUN (ospf_neighbor_poll_interval, unsigned int priority = OSPF_NEIGHBOR_PRIORITY_DEFAULT; unsigned int interval = OSPF_POLL_INTERVAL_DEFAULT; - inet_aton(argv[idx_ipv4]->arg, &nbr_addr); + if (!inet_aton(argv[idx_ipv4]->arg, &nbr_addr)) { + vty_out(vty, "Please specify Neighbor ID by A.B.C.D\n"); + return CMD_WARNING_CONFIG_FAILED; + } interval = strtoul(argv[idx_poll]->arg, NULL, 10); @@ -2378,7 +2384,10 @@ DEFUN (no_ospf_neighbor, int idx_ipv4 = 2; struct in_addr nbr_addr; - inet_aton(argv[idx_ipv4]->arg, &nbr_addr); + if (!inet_aton(argv[idx_ipv4]->arg, &nbr_addr)) { + vty_out(vty, "Please specify Neighbor ID by A.B.C.D\n"); + return CMD_WARNING_CONFIG_FAILED; + } (void)ospf_nbr_nbma_unset(ospf, nbr_addr); @@ -2400,7 +2409,10 @@ DEFUN (no_ospf_neighbor_poll, int idx_ipv4 = 2; struct in_addr nbr_addr; - inet_aton(argv[idx_ipv4]->arg, &nbr_addr); + if (!inet_aton(argv[idx_ipv4]->arg, &nbr_addr)) { + vty_out(vty, "Please specify Neighbor ID by A.B.C.D\n"); + return CMD_WARNING_CONFIG_FAILED; + } (void)ospf_nbr_nbma_unset(ospf, nbr_addr); @@ -6962,7 +6974,10 @@ DEFUN (ip_ospf_area, // Check if we have an address arg and proccess it if (argc == idx + 3) { - inet_aton(argv[idx + 2]->arg, &addr); + if (!inet_aton(argv[idx + 2]->arg, &addr)) { + vty_out(vty, "Please specify Intf Address by A.B.C.D\n"); + return CMD_WARNING_CONFIG_FAILED; + } // update/create address-level params params = ospf_get_if_params((ifp), (addr)); if (OSPF_IF_PARAM_CONFIGURED(params, if_area)) { @@ -7021,7 +7036,10 @@ DEFUN (no_ip_ospf_area, // Check if we have an address arg and proccess it if (argc == idx + 3) { - inet_aton(argv[idx + 2]->arg, &addr); + if (!inet_aton(argv[idx + 2]->arg, &addr)) { + vty_out(vty, "Please specify Intf Address by A.B.C.D\n"); + return CMD_WARNING_CONFIG_FAILED; + } params = ospf_lookup_if_params(ifp, addr); if ((params) == NULL) return CMD_SUCCESS; diff --git a/pimd/pim_cmd.c b/pimd/pim_cmd.c index ae509f4a9b..4a9c53cf29 100644 --- a/pimd/pim_cmd.c +++ b/pimd/pim_cmd.c @@ -4895,6 +4895,9 @@ DEFUN (show_ip_mroute_count, int idx = 2; struct vrf *vrf = pim_cmd_lookup_vrf(vty, argv, argc, &idx); + if (!vrf) + return CMD_WARNING; + show_mroute_count(vrf->info, vty); return CMD_SUCCESS; } diff --git a/pimd/pim_instance.c b/pimd/pim_instance.c index 7fc77556ec..d1f8085b48 100644 --- a/pimd/pim_instance.c +++ b/pimd/pim_instance.c @@ -195,11 +195,16 @@ static int pim_vrf_config_write(struct vty *vty) RB_FOREACH(vrf, vrf_name_head, &vrfs_by_name) { pim = vrf->info; - if (!pim || vrf->vrf_id != VRF_DEFAULT) { - vty_out(vty, "vrf %s\n", vrf->name); - pim_global_config_write_worker(pim, vty); - vty_out(vty, "!\n"); - } + + if (!pim) + continue; + + if (vrf->vrf_id == VRF_DEFAULT) + continue; + + vty_out(vty, "vrf %s\n", vrf->name); + pim_global_config_write_worker(pim, vty); + vty_out(vty, "!\n"); } return 0; diff --git a/pimd/pim_mroute.c b/pimd/pim_mroute.c index 52d240f54b..dca3bf4af3 100644 --- a/pimd/pim_mroute.c +++ b/pimd/pim_mroute.c @@ -713,21 +713,26 @@ int pim_mroute_socket_enable(struct pim_instance *pim) fd = socket(AF_INET, SOCK_RAW, IPPROTO_IGMP); -#ifdef SO_BINDTODEVICE - setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, pim->vrf->name, - strlen(pim->vrf->name)); -#endif - - if (pimd_privs.change(ZPRIVS_LOWER)) - zlog_err("pim_mroute_socket_enable: could not lower privs, %s", - safe_strerror(errno)); - if (fd < 0) { zlog_warn("Could not create mroute socket: errno=%d: %s", errno, safe_strerror(errno)); return -2; } +#ifdef SO_BINDTODEVICE + if (setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, pim->vrf->name, + strlen(pim->vrf->name))) { + zlog_warn("Could not setsockopt SO_BINDTODEVICE: %s", + safe_strerror(errno)); + close(fd); + return -3; + } +#endif + + if (pimd_privs.change(ZPRIVS_LOWER)) + zlog_err("pim_mroute_socket_enable: could not lower privs, %s", + safe_strerror(errno)); + pim->mroute_socket = fd; if (pim_mroute_set(pim, 1)) { zlog_warn( diff --git a/pimd/pim_msdp_socket.c b/pimd/pim_msdp_socket.c index 9473462e63..f245a04353 100644 --- a/pimd/pim_msdp_socket.c +++ b/pimd/pim_msdp_socket.c @@ -156,9 +156,15 @@ int pim_msdp_sock_listen(struct pim_instance *pim) if (!ifp) { zlog_err("%s: Unable to lookup vrf interface: %s", __PRETTY_FUNCTION__, pim->vrf->name); + close(sock); + return -1; + } + if (pim_socket_bind(sock, ifp)) { + zlog_err("%s: Unable to bind to socket: %s", + __PRETTY_FUNCTION__, safe_strerror(errno)); + close(sock); return -1; } - pim_socket_bind(sock, ifp); } if (pimd_privs.change(ZPRIVS_RAISE)) { @@ -236,7 +242,13 @@ int pim_msdp_sock_connect(struct pim_msdp_peer *mp) __PRETTY_FUNCTION__, mp->pim->vrf->name); return -1; } - pim_socket_bind(mp->fd, ifp); + if (pim_socket_bind(mp->fd, ifp)) { + zlog_err("%s: Unable to bind to socket: %s", + __PRETTY_FUNCTION__, safe_strerror(errno)); + close(mp->fd); + mp->fd = -1; + return -1; + } } set_nonblocking(mp->fd); diff --git a/pimd/pim_rp.c b/pimd/pim_rp.c index 05592992a9..e2c411a307 100644 --- a/pimd/pim_rp.c +++ b/pimd/pim_rp.c @@ -542,7 +542,9 @@ int pim_rp_del(struct pim_instance *pim, const char *rp, } pim_delete_tracked_nexthop(pim, &nht_p, NULL, rp_info); - str2prefix("224.0.0.0/4", &g_all); + if (!str2prefix("224.0.0.0/4", &g_all)) + return PIM_RP_BAD_ADDRESS; + rp_all = pim_rp_find_match_group(pim, &g_all); if (rp_all == rp_info) { diff --git a/pimd/pim_sock.c b/pimd/pim_sock.c index a4d3d7e4b3..a5a842ceee 100644 --- a/pimd/pim_sock.c +++ b/pimd/pim_sock.c @@ -65,22 +65,21 @@ int pim_socket_raw(int protocol) return fd; } -int pim_socket_ip_hdr(int fd) +void pim_socket_ip_hdr(int fd) { const int on = 1; - int ret; if (pimd_privs.change(ZPRIVS_RAISE)) zlog_err("%s: could not raise privs, %s", __PRETTY_FUNCTION__, safe_strerror(errno)); - ret = setsockopt(fd, IPPROTO_IP, IP_HDRINCL, &on, sizeof(on)); + if (setsockopt(fd, IPPROTO_IP, IP_HDRINCL, &on, sizeof(on))) + zlog_err("%s: Could not turn on IP_HDRINCL option: %s", + __PRETTY_FUNCTION__, safe_strerror(errno)); if (pimd_privs.change(ZPRIVS_LOWER)) zlog_err("%s: could not lower privs, %s", __PRETTY_FUNCTION__, safe_strerror(errno)); - - return ret; } /* diff --git a/pimd/pim_sock.h b/pimd/pim_sock.h index aa46cd6200..358dd39a44 100644 --- a/pimd/pim_sock.h +++ b/pimd/pim_sock.h @@ -36,7 +36,7 @@ #define PIM_SOCK_ERR_BIND (-11) /* Can't bind to interface */ int pim_socket_bind(int fd, struct interface *ifp); -int pim_socket_ip_hdr(int fd); +void pim_socket_ip_hdr(int fd); int pim_socket_raw(int protocol); int pim_socket_mcast(int protocol, struct in_addr ifaddr, struct interface *ifp, u_char loop); diff --git a/pimd/pim_ssm.c b/pimd/pim_ssm.c index 8d270e6205..71bb6f2abd 100644 --- a/pimd/pim_ssm.c +++ b/pimd/pim_ssm.c @@ -71,7 +71,10 @@ static int pim_is_grp_standard_ssm(struct prefix *group) static struct prefix group_ssm; if (first) { - str2prefix(PIM_SSM_STANDARD_RANGE, &group_ssm); + if (!str2prefix(PIM_SSM_STANDARD_RANGE, &group_ssm)) + zlog_err("%s: Failure to Read Group Address: %s", + __PRETTY_FUNCTION__, PIM_SSM_STANDARD_RANGE); + first = 0; } diff --git a/pimd/pim_zebra.c b/pimd/pim_zebra.c index 7b060aef4b..a1107e2424 100644 --- a/pimd/pim_zebra.c +++ b/pimd/pim_zebra.c @@ -184,6 +184,13 @@ static int pim_zebra_if_state_up(int command, struct zclient *zclient, && (ifp->vrf_id != vrf->vrf_id)) { struct interface *master = if_lookup_by_name( vrf->name, vrf->vrf_id); + + if (!master) { + zlog_debug("%s: Unable to find Master interface for %s", + __PRETTY_FUNCTION__, + vrf->name); + return 0; + } zclient_interface_set_master(zclient, master, ifp); } diff --git a/ripd/ripd.c b/ripd/ripd.c index d9b38bba89..36eceafd9b 100644 --- a/ripd/ripd.c +++ b/ripd/ripd.c @@ -1685,6 +1685,7 @@ int rip_recvmsg(int sock, u_char *buf, int size, struct sockaddr_in *from, struct cmsghdr *ptr; char adata[1024]; + memset(&msg, 0, sizeof(msg)); msg.msg_name = (void *)from; msg.msg_namelen = sizeof(struct sockaddr_in); msg.msg_iov = &iov; diff --git a/ripngd/ripngd.c b/ripngd/ripngd.c index 2883698f47..d8017622d1 100644 --- a/ripngd/ripngd.c +++ b/ripngd/ripngd.c @@ -176,6 +176,7 @@ int ripng_send_packet(caddr_t buf, int bufsize, struct sockaddr_in6 *to, addr.sin6_port = htons(RIPNG_PORT_DEFAULT); } + memset(&msg, 0, sizeof(msg)); msg.msg_name = (void *)&addr; msg.msg_namelen = sizeof(struct sockaddr_in6); msg.msg_iov = &iov; @@ -228,6 +229,7 @@ static int ripng_recv_packet(int sock, u_char *buf, int bufsize, char adata[1024]; /* Fill in message and iovec. */ + memset(&msg, 0, sizeof(msg)); msg.msg_name = (void *)from; msg.msg_namelen = sizeof(struct sockaddr_in6); msg.msg_iov = &iov; diff --git a/zebra/if_netlink.c b/zebra/if_netlink.c index 9aa560bfa1..d5b8860d38 100644 --- a/zebra/if_netlink.c +++ b/zebra/if_netlink.c @@ -393,7 +393,7 @@ static int get_iflink_speed(const char *ifname) memset(&ifdata, 0, sizeof(ifdata)); /* set interface name */ - strcpy(ifdata.ifr_name, ifname); + strlcpy(ifdata.ifr_name, ifname, sizeof(ifdata.ifr_name)); /* initialize ethtool interface */ memset(&ecmd, 0, sizeof(ecmd)); diff --git a/zebra/interface.c b/zebra/interface.c index eea3674c8e..1bafb4c59d 100644 --- a/zebra/interface.c +++ b/zebra/interface.c @@ -497,7 +497,7 @@ void if_add_update(struct interface *ifp) if (!CHECK_FLAG(ifp->status, ZEBRA_INTERFACE_ACTIVE)) { SET_FLAG(ifp->status, ZEBRA_INTERFACE_ACTIVE); - if (if_data && if_data->shutdown == IF_ZEBRA_SHUTDOWN_ON) { + if (if_data->shutdown == IF_ZEBRA_SHUTDOWN_ON) { if (IS_ZEBRA_DEBUG_KERNEL) zlog_debug( "interface %s vrf %u index %d is shutdown. " diff --git a/zebra/ioctl.c b/zebra/ioctl.c index 7a3591728e..58118ce006 100644 --- a/zebra/ioctl.c +++ b/zebra/ioctl.c @@ -44,7 +44,7 @@ extern struct zebra_privs_t zserv_privs; /* clear and set interface name string */ void ifreq_set_name(struct ifreq *ifreq, struct interface *ifp) { - strncpy(ifreq->ifr_name, ifp->name, IFNAMSIZ); + strlcpy(ifreq->ifr_name, ifp->name, sizeof(ifreq->ifr_name)); } /* call ioctl system call */ diff --git a/zebra/irdp_packet.c b/zebra/irdp_packet.c index 0832245536..11bc9b0440 100644 --- a/zebra/irdp_packet.c +++ b/zebra/irdp_packet.c @@ -182,6 +182,7 @@ static int irdp_recvmsg(int sock, u_char *buf, int size, int *ifindex) char adata[CMSG_SPACE(SOPT_SIZE_CMSG_PKTINFO_IPV4())]; int ret; + memset(&msg, 0, sizeof(msg)); msg.msg_name = (void *)0; msg.msg_namelen = 0; msg.msg_iov = &iov; diff --git a/zebra/redistribute.c b/zebra/redistribute.c index 39083ad3b7..fdfaa69571 100644 --- a/zebra/redistribute.c +++ b/zebra/redistribute.c @@ -52,6 +52,12 @@ static u_int32_t zebra_import_table_distance[AFI_MAX][ZEBRA_KERNEL_TABLE_MAX]; int is_zebra_import_table_enabled(afi_t afi, u_int32_t table_id) { + /* + * Make sure that what we are called with actualy makes sense + */ + if (afi == AFI_MAX) + return 0; + if (is_zebra_valid_kernel_table(table_id)) return zebra_import_table_used[afi][table_id]; return 0; diff --git a/zebra/rt_netlink.c b/zebra/rt_netlink.c index 3f9782d442..d1fd1a968a 100644 --- a/zebra/rt_netlink.c +++ b/zebra/rt_netlink.c @@ -588,8 +588,8 @@ static int netlink_route_change_read_multicast(struct sockaddr_nl *snl, if (IS_ZEBRA_DEBUG_KERNEL) { struct interface *ifp; - strcpy(sbuf, inet_ntoa(m->sg.src)); - strcpy(gbuf, inet_ntoa(m->sg.grp)); + strlcpy(sbuf, inet_ntoa(m->sg.src), sizeof(sbuf)); + strlcpy(gbuf, inet_ntoa(m->sg.grp), sizeof(gbuf)); for (count = 0; count < oif_count; count++) { ifp = if_lookup_by_index(oif[count], vrf); char temp[256]; @@ -1562,6 +1562,8 @@ int kernel_get_ipmr_sg_stats(struct zebra_vrf *zvrf, void *in) int kernel_route_rib(struct prefix *p, struct prefix *src_p, struct route_entry *old, struct route_entry *new) { + assert(old || new); + if (!old && new) return netlink_route_multipath(RTM_NEWROUTE, p, src_p, new, 0); if (old && !new) diff --git a/zebra/rtadv.c b/zebra/rtadv.c index 2182d6618c..88836af72e 100644 --- a/zebra/rtadv.c +++ b/zebra/rtadv.c @@ -107,6 +107,7 @@ static int rtadv_recv_packet(struct zebra_ns *zns, int sock, u_char *buf, char adata[1024]; /* Fill in message and iovec. */ + memset(&msg, 0, sizeof(msg)); msg.msg_name = (void *)from; msg.msg_namelen = sizeof(struct sockaddr_in6); msg.msg_iov = &iov; @@ -629,7 +630,6 @@ static int rtadv_make_socket(void) safe_strerror(errno)); if (sock < 0) { - close(sock); return -1; } diff --git a/zebra/zebra_mpls.c b/zebra/zebra_mpls.c index cee3a03858..3c4de40db3 100644 --- a/zebra/zebra_mpls.c +++ b/zebra/zebra_mpls.c @@ -840,7 +840,7 @@ static void lsp_schedule(struct hash_backet *backet, void *ctxt) zebra_lsp_t *lsp; lsp = (zebra_lsp_t *)backet->data; - lsp_processq_add(lsp); + (void)lsp_processq_add(lsp); } /* @@ -2718,10 +2718,10 @@ int zebra_mpls_write_lsp_config(struct vty *vty, struct zebra_vrf *zvrf) for (ALL_LIST_ELEMENTS_RO(slsp_list, node, slsp)) { for (snhlfe = slsp->snhlfe_list; snhlfe; snhlfe = snhlfe->next) { - char buf[INET6_ADDRSTRLEN]; + char buf[BUFSIZ]; char lstr[30]; - snhlfe2str(snhlfe, buf, BUFSIZ); + snhlfe2str(snhlfe, buf, sizeof(buf)); switch (snhlfe->out_label) { case MPLS_V4_EXP_NULL_LABEL: case MPLS_V6_EXP_NULL_LABEL: diff --git a/zebra/zebra_mroute.c b/zebra/zebra_mroute.c index c4d674df23..75d5d5d627 100644 --- a/zebra/zebra_mroute.c +++ b/zebra/zebra_mroute.c @@ -48,8 +48,8 @@ int zebra_ipmr_route_stats(struct zserv *client, int fd, u_short length, char sbuf[40]; char gbuf[40]; - strcpy(sbuf, inet_ntoa(mroute.sg.src)); - strcpy(gbuf, inet_ntoa(mroute.sg.grp)); + strlcpy(sbuf, inet_ntoa(mroute.sg.src), sizeof(sbuf)); + strlcpy(gbuf, inet_ntoa(mroute.sg.grp), sizeof(gbuf)); zlog_debug("Asking for (%s,%s) mroute information", sbuf, gbuf); } diff --git a/zebra/zebra_ptm.c b/zebra/zebra_ptm.c index 1bf672d4a1..b18b3e7429 100644 --- a/zebra/zebra_ptm.c +++ b/zebra/zebra_ptm.c @@ -156,7 +156,7 @@ void zebra_ptm_finish(void) if (ptm_cb.wb) buffer_free(ptm_cb.wb); - if (ptm_cb.ptm_sock != -1) + if (ptm_cb.ptm_sock >= 0) close(ptm_cb.ptm_sock); } diff --git a/zebra/zebra_pw.c b/zebra/zebra_pw.c index 0b6263fac5..ce9f19c3cc 100644 --- a/zebra/zebra_pw.c +++ b/zebra/zebra_pw.c @@ -328,6 +328,7 @@ DEFUN_NOSH (pseudowire_if, if (!pw) return CMD_SUCCESS; zebra_pw_del(zvrf, pw); + return CMD_SUCCESS; } if (!pw) diff --git a/zebra/zebra_rib.c b/zebra/zebra_rib.c index eecefa09c8..c7a2564ab4 100644 --- a/zebra/zebra_rib.c +++ b/zebra/zebra_rib.c @@ -2726,23 +2726,27 @@ unsigned long rib_score_proto(u_char proto, u_short instance) void rib_close_table(struct route_table *table) { struct route_node *rn; - rib_table_info_t *info = table->info; + rib_table_info_t *info; struct route_entry *re; - if (table) - for (rn = route_top(table); rn; rn = srcdest_route_next(rn)) - RNODE_FOREACH_RE(rn, re) - { - if (!CHECK_FLAG(re->status, - ROUTE_ENTRY_SELECTED_FIB)) - continue; + if (!table) + return; - if (info->safi == SAFI_UNICAST) - hook_call(rib_update, rn, NULL); + info = table->info; - if (!RIB_SYSTEM_ROUTE(re)) - rib_uninstall_kernel(rn, re); - } + for (rn = route_top(table); rn; rn = srcdest_route_next(rn)) + RNODE_FOREACH_RE(rn, re) + { + if (!CHECK_FLAG(re->status, + ROUTE_ENTRY_SELECTED_FIB)) + continue; + + if (info->safi == SAFI_UNICAST) + hook_call(rib_update, rn, NULL); + + if (!RIB_SYSTEM_ROUTE(re)) + rib_uninstall_kernel(rn, re); + } } /* Routing information base initialize. */ diff --git a/zebra/zebra_routemap.c b/zebra/zebra_routemap.c index c738cde0ac..0fa616bef9 100644 --- a/zebra/zebra_routemap.c +++ b/zebra/zebra_routemap.c @@ -62,23 +62,26 @@ static int zebra_route_match_add(struct vty *vty, const char *command, { VTY_DECLVAR_CONTEXT(route_map_index, index); int ret; + int retval = CMD_SUCCESS; ret = route_map_add_match(index, command, arg); - if (ret) { - switch (ret) { - case RMAP_RULE_MISSING: - vty_out(vty, "%% Zebra Can't find rule.\n"); - return CMD_WARNING_CONFIG_FAILED; - case RMAP_COMPILE_ERROR: - vty_out(vty, "%% Zebra Argument is malformed.\n"); - return CMD_WARNING_CONFIG_FAILED; + switch (ret) { + case RMAP_RULE_MISSING: + vty_out(vty, "%% Zebra Can't find rule.\n"); + retval = CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_ERROR: + vty_out(vty, "%% Zebra Argument is malformed.\n"); + retval = CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_SUCCESS: + if (type != RMAP_EVENT_MATCH_ADDED) { + route_map_upd8_dependency(type, arg, index->map->name); } + break; } - if (type != RMAP_EVENT_MATCH_ADDED) { - route_map_upd8_dependency(type, arg, index->map->name); - } - return CMD_SUCCESS; + return retval; } /* Delete zebra route map rule. */ @@ -87,6 +90,7 @@ static int zebra_route_match_delete(struct vty *vty, const char *command, { VTY_DECLVAR_CONTEXT(route_map_index, index); int ret; + int retval = CMD_SUCCESS; char *dep_name = NULL; const char *tmpstr; char *rmap_name = NULL; @@ -105,26 +109,27 @@ static int zebra_route_match_delete(struct vty *vty, const char *command, } ret = route_map_delete_match(index, command, arg); - if (ret) { - switch (ret) { - case RMAP_RULE_MISSING: - vty_out(vty, "%% Zebra Can't find rule.\n"); - return CMD_WARNING_CONFIG_FAILED; - case RMAP_COMPILE_ERROR: - vty_out(vty, "%% Zebra Argument is malformed.\n"); - return CMD_WARNING_CONFIG_FAILED; - } + switch (ret) { + case RMAP_RULE_MISSING: + vty_out(vty, "%% Zebra Can't find rule.\n"); + retval = CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_ERROR: + vty_out(vty, "%% Zebra Argument is malformed.\n"); + retval = CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_SUCCESS: + if (type != RMAP_EVENT_MATCH_DELETED && dep_name) + route_map_upd8_dependency(type, dep_name, rmap_name); + break; } - if (type != RMAP_EVENT_MATCH_DELETED && dep_name) - route_map_upd8_dependency(type, dep_name, rmap_name); - if (dep_name) XFREE(MTYPE_ROUTE_MAP_RULE, dep_name); if (rmap_name) XFREE(MTYPE_ROUTE_MAP_NAME, rmap_name); - return CMD_SUCCESS; + return retval; } /* 'match tag TAG' diff --git a/zebra/zebra_vrf.c b/zebra/zebra_vrf.c index ff140bad67..0a26ac6ad7 100644 --- a/zebra/zebra_vrf.c +++ b/zebra/zebra_vrf.c @@ -470,7 +470,11 @@ static int vrf_config_write(struct vty *vty) RB_FOREACH(vrf, vrf_name_head, &vrfs_by_name) { zvrf = vrf->info; - if (!zvrf || strcmp(zvrf_name(zvrf), VRF_DEFAULT_NAME)) { + + if (!zvrf) + continue; + + if (strcmp(zvrf_name(zvrf), VRF_DEFAULT_NAME)) { vty_out(vty, "vrf %s\n", zvrf_name(zvrf)); vty_out(vty, "!\n"); } diff --git a/zebra/zebra_vty.c b/zebra/zebra_vty.c index d9ef81e97c..eeca7bceda 100644 --- a/zebra/zebra_vty.c +++ b/zebra/zebra_vty.c @@ -1200,7 +1200,10 @@ DEFUN (show_ip_route, tag = strtoul(argv[idx + 1]->arg, NULL, 10); else if (argv_find(argv, argc, "A.B.C.D/M", &idx)) { - str2prefix(argv[idx]->arg, &p); + if (str2prefix(argv[idx]->arg, &p) <= 0) { + vty_out(vty, "%% Malformed prefix\n"); + return CMD_WARNING; + } longer_prefixes = true; } @@ -1842,7 +1845,10 @@ DEFUN (show_ipv6_route, tag = strtoul(argv[idx + 1]->arg, NULL, 10); else if (argv_find(argv, argc, "X:X::X:X/M", &idx)) { - str2prefix(argv[idx]->arg, &p); + if (str2prefix(argv[idx]->arg, &p) <= 0) { + vty_out(vty, "%% Malformed prefix\n"); + return CMD_WARNING; + } longer_prefixes = true; } @@ -2580,6 +2586,8 @@ DEFUN (ip_zebra_import_table_distance, vty_out(vty, "Invalid routing table ID, %d. Must be in range 1-252\n", table_id); + if (rmap) + XFREE(MTYPE_ROUTE_MAP_NAME, rmap); return CMD_WARNING; } @@ -2587,6 +2595,8 @@ DEFUN (ip_zebra_import_table_distance, vty_out(vty, "Invalid routing table ID, %d. Must be non-default table\n", table_id); + if (rmap) + XFREE(MTYPE_ROUTE_MAP_NAME, rmap); return CMD_WARNING; } diff --git a/zebra/zebra_vxlan.c b/zebra/zebra_vxlan.c index 32c0e20a91..4e5612f4f8 100644 --- a/zebra/zebra_vxlan.c +++ b/zebra/zebra_vxlan.c @@ -1160,14 +1160,15 @@ static int zvni_neigh_uninstall(zebra_vni_t *zvni, zebra_neigh_t *n) if (!(n->flags & ZEBRA_NEIGH_REMOTE)) return 0; - zvrf = vrf_info_lookup(zvni->vxlan_if->vrf_id); - assert(zvrf); if (!zvni->vxlan_if) { zlog_err("VNI %u hash %p couldn't be uninstalled - no intf", zvni->vni, zvni); return -1; } + zvrf = vrf_info_lookup(zvni->vxlan_if->vrf_id); + assert(zvrf); + zif = zvni->vxlan_if->info; if (!zif) return -1; @@ -1348,8 +1349,7 @@ static int zvni_gw_macip_add(struct interface *ifp, zebra_vni_t *zvni, zlog_err( "%u:Failed to add neighbor %s MAC %s intf %s(%u) -> VNI %u", ifp->vrf_id, ipaddr2str(ip, buf2, sizeof(buf2)), - prefix_mac2str(macaddr, NULL, - ETHER_ADDR_STRLEN), + prefix_mac2str(macaddr, buf, sizeof(buf)), ifp->name, ifp->ifindex, zvni->vni); return -1; } @@ -1364,7 +1364,7 @@ static int zvni_gw_macip_add(struct interface *ifp, zebra_vni_t *zvni, zlog_debug( "%u:SVI %s(%u) VNI %u, sending GW MAC %s IP %s add to BGP", ifp->vrf_id, ifp->name, ifp->ifindex, zvni->vni, - prefix_mac2str(macaddr, NULL, ETHER_ADDR_STRLEN), + prefix_mac2str(macaddr, buf, sizeof(buf)), ipaddr2str(ip, buf2, sizeof(buf2))); zvni_neigh_send_add_to_client(zvrf, zvni->vni, ip, macaddr, @@ -1382,6 +1382,7 @@ static int zvni_gw_macip_del(struct interface *ifp, zebra_vni_t *zvni, struct zebra_vrf *zvrf = NULL; zebra_neigh_t *n = NULL; zebra_mac_t *mac = NULL; + char buf1[ETHER_ADDR_STRLEN]; char buf2[INET6_ADDRSTRLEN]; zvrf = vrf_info_lookup(zvni->vxlan_if->vrf_id); @@ -1395,11 +1396,13 @@ static int zvni_gw_macip_del(struct interface *ifp, zebra_vni_t *zvni, /* mac entry should be present */ mac = zvni_mac_lookup(zvni, &n->emac); - if (!mac) - zlog_err("%u: MAC %s doesnt exsists for neigh %s on VNI %u", + if (!mac) { + zlog_err("%u: MAC %s doesnt exists for neigh %s on VNI %u", ifp->vrf_id, - prefix_mac2str(&n->emac, NULL, ETHER_ADDR_STRLEN), + prefix_mac2str(&n->emac, buf1, sizeof(buf1)), ipaddr2str(ip, buf2, sizeof(buf2)), zvni->vni); + return -1; + } /* If the entry is not local nothing to do*/ if (!CHECK_FLAG(n->flags, ZEBRA_NEIGH_LOCAL)) @@ -1409,7 +1412,7 @@ static int zvni_gw_macip_del(struct interface *ifp, zebra_vni_t *zvni, zlog_debug( "%u:SVI %s(%u) VNI %u, sending GW MAC %s IP %s del to BGP", ifp->vrf_id, ifp->name, ifp->ifindex, zvni->vni, - prefix_mac2str(&(n->emac), NULL, ETHER_ADDR_STRLEN), + prefix_mac2str(&(n->emac), buf1, sizeof(buf1)), ipaddr2str(ip, buf2, sizeof(buf2))); /* Remove neighbor from BGP. */ @@ -1420,7 +1423,8 @@ static int zvni_gw_macip_del(struct interface *ifp, zebra_vni_t *zvni, zvni_neigh_del(zvni, n); /* see if the mac needs to be deleted as well*/ - zvni_deref_ip2mac(zvni, mac, 0); + if (mac) + zvni_deref_ip2mac(zvni, mac, 0); return 0; } diff --git a/zebra/zserv.c b/zebra/zserv.c index d60c8c9368..d23e902e9b 100644 --- a/zebra/zserv.c +++ b/zebra/zserv.c @@ -1679,7 +1679,7 @@ static int zread_ipv6_delete(struct zserv *client, u_short length, api.safi = stream_getw(s); /* IPv4 prefix. */ - memset(&p, 0, sizeof(struct prefix_ipv6)); + memset(&p, 0, sizeof(struct prefix)); p.family = AF_INET6; p.prefixlen = stream_getc(s); stream_get(&p.u.prefix6, s, PSIZE(p.prefixlen));