From dbfd865b05d6c4e9395a39bb24f5eaf0b850451c Mon Sep 17 00:00:00 2001 From: Donald Sharp Date: Thu, 24 Aug 2017 19:15:20 -0400 Subject: [PATCH 1/6] eigrpd: Cleanup various SA Issues 1) Handle key value not found on interface 2) Handle various NULL pointer possibilities 3) Fix possible integer overflow 4) Fix memory leak 5) Check return codes on sscanf Signed-off-by: Donald Sharp --- eigrpd/eigrp_dump.c | 6 ++++-- eigrpd/eigrp_hello.c | 6 +++++- eigrpd/eigrp_interface.c | 9 ++++----- eigrpd/eigrp_packet.c | 29 ++++++++++++++++++----------- eigrpd/eigrp_topology.c | 2 +- eigrpd/eigrp_update.c | 3 +++ 6 files changed, 35 insertions(+), 20 deletions(-) diff --git a/eigrpd/eigrp_dump.c b/eigrpd/eigrp_dump.c index 74515c98cb..98c72668fc 100644 --- a/eigrpd/eigrp_dump.c +++ b/eigrpd/eigrp_dump.c @@ -295,11 +295,13 @@ void show_ip_eigrp_prefix_entry(struct vty *vty, struct eigrp_prefix_entry *tn) vty_out(vty, "%s, ", prefix2str(tn->destination, buffer, PREFIX_STRLEN)); - vty_out(vty, "%u successors, ", successors->count); + vty_out(vty, "%u successors, ", + (successors) ? successors->count : 0); vty_out(vty, "FD is %u, serno: %" PRIu64 " \n", tn->fdistance, tn->serno); - list_delete(successors); + if (successors) + list_delete(successors); } void show_ip_eigrp_neighbor_entry(struct vty *vty, struct eigrp *eigrp, diff --git a/eigrpd/eigrp_hello.c b/eigrpd/eigrp_hello.c index ef10ebf54c..49647c6b85 100644 --- a/eigrpd/eigrp_hello.c +++ b/eigrpd/eigrp_hello.c @@ -412,11 +412,15 @@ void eigrp_sw_version_initialize(void) { char ver_string[] = VERSION; char *dash = strstr(ver_string, "-"); + int ret; if (dash) dash[0] = '\0'; - sscanf(ver_string, "%d.%d", &FRR_MAJOR, &FRR_MINOR); + ret = sscanf(ver_string, "%d.%d", &FRR_MAJOR, &FRR_MINOR); + if (ret != 2) + zlog_err("Did not Properly parse %s, please fix VERSION string", + VERSION); } /** diff --git a/eigrpd/eigrp_interface.c b/eigrpd/eigrp_interface.c index ae9ec293ce..59b1724f85 100644 --- a/eigrpd/eigrp_interface.c +++ b/eigrpd/eigrp_interface.c @@ -249,15 +249,14 @@ int eigrp_if_up(struct eigrp_interface *ei) struct eigrp_metrics metric; struct eigrp_interface *ei2; struct listnode *node, *nnode; - struct eigrp *eigrp = eigrp_lookup(); + struct eigrp *eigrp; if (ei == NULL) return 0; - if (eigrp != NULL) - eigrp_adjust_sndbuflen(eigrp, ei->ifp->mtu); - else - zlog_warn("%s: eigrp_lookup () returned NULL", __func__); + eigrp = ei->eigrp; + eigrp_adjust_sndbuflen(eigrp, ei->ifp->mtu); + eigrp_if_stream_set(ei); /* Set multicast memberships appropriately for new state. */ diff --git a/eigrpd/eigrp_packet.c b/eigrpd/eigrp_packet.c index 68e7cdcbbe..8a7d4d9587 100644 --- a/eigrpd/eigrp_packet.c +++ b/eigrpd/eigrp_packet.c @@ -193,6 +193,12 @@ int eigrp_check_md5_digest(struct stream *s, if (keychain) key = key_lookup_for_send(keychain); + if (!key) { + zlog_warn("Interface %s: Expected key value not found in config", + nbr->ei->ifp->name); + return 0; + } + memset(&ctx, 0, sizeof(ctx)); MD5Init(&ctx); @@ -229,8 +235,7 @@ int eigrp_check_md5_digest(struct stream *s, } /* save neighbor's crypt_seqnum */ - if (nbr) - nbr->crypt_seqnum = authTLV->key_sequence; + nbr->crypt_seqnum = authTLV->key_sequence; return 1; } @@ -240,10 +245,11 @@ int eigrp_make_sha256_digest(struct eigrp_interface *ei, struct stream *s, { struct key *key = NULL; struct keychain *keychain; - char *source_ip; + char source_ip[PREFIX_STRLEN]; unsigned char digest[EIGRP_AUTH_TYPE_SHA256_LEN]; unsigned char buffer[1 + PLAINTEXT_LENGTH + 45 + 1] = {0}; + HMAC_SHA256_CTX ctx; void *ibuf; size_t backup_get, backup_end; @@ -263,11 +269,13 @@ int eigrp_make_sha256_digest(struct eigrp_interface *ei, struct stream *s, if (keychain) key = key_lookup_for_send(keychain); - // saved_len[index] = strnzcpyn(saved_key[index], key, - // PLAINTEXT_LENGTH + 1); + if (!key) { + zlog_warn("Interface %s: Expected key value not found in config", + ei->ifp->name); + return 0; + } - source_ip = calloc(16, sizeof(char)); - inet_ntop(AF_INET, &ei->address->u.prefix4, source_ip, 16); + inet_ntop(AF_INET, &ei->address->u.prefix4, source_ip, PREFIX_STRLEN); memset(&ctx, 0, sizeof(ctx)); buffer[0] = '\n'; @@ -287,7 +295,6 @@ int eigrp_make_sha256_digest(struct eigrp_interface *ei, struct stream *s, stream_set_endp(s, backup_end); eigrp_authTLV_SHA256_free(auth_TLV); - free(source_ip); return EIGRP_AUTH_TYPE_SHA256_LEN; } @@ -613,10 +620,10 @@ int eigrp_read(struct thread *thread) opcode = eigrph->opcode; if (IS_DEBUG_EIGRP_TRANSMIT(0, RECV)) { - char src[100], dst[100]; + char src[PREFIX_STRLEN], dst[PREFIX_STRLEN]; - strcpy(src, inet_ntoa(iph->ip_src)); - strcpy(dst, inet_ntoa(iph->ip_dst)); + strncpy(src, inet_ntoa(iph->ip_src), PREFIX_STRLEN); + strncpy(dst, inet_ntoa(iph->ip_dst), PREFIX_STRLEN); zlog_debug("Received [%s][%d/%d] length [%u] via [%s] src [%s] dst [%s]", lookup_msg(eigrp_packet_type_str, opcode, NULL), ntohl(eigrph->sequence), ntohl(eigrph->ack), length, diff --git a/eigrpd/eigrp_topology.c b/eigrpd/eigrp_topology.c index 64e65b694c..8390bfc66e 100644 --- a/eigrpd/eigrp_topology.c +++ b/eigrpd/eigrp_topology.c @@ -444,7 +444,7 @@ void eigrp_topology_update_node_flags(struct eigrp_prefix_entry *dest) for (ALL_LIST_ELEMENTS_RO(dest->entries, node, entry)) { if (((uint64_t)entry->distance - <= (uint64_t)(dest->distance * eigrp->variance)) + <= (uint64_t)dest->distance * (uint64_t)eigrp->variance) && entry->distance != EIGRP_MAX_METRIC) // is successor { entry->flags |= EIGRP_NEIGHBOR_ENTRY_SUCCESSOR_FLAG; diff --git a/eigrpd/eigrp_update.c b/eigrpd/eigrp_update.c index d6a1134124..430068496b 100644 --- a/eigrpd/eigrp_update.c +++ b/eigrpd/eigrp_update.c @@ -443,6 +443,9 @@ void eigrp_update_receive(struct eigrp *eigrp, struct ip *iph, eigrp_query_send_all(eigrp); eigrp_update_send_all(eigrp, ei); + + if (nbr_prefixes) + list_delete(nbr_prefixes); } /*send EIGRP Update packet*/ From cc9b06ad5e58968356ab4edf30f3fd9eb7583b47 Mon Sep 17 00:00:00 2001 From: Donald Sharp Date: Thu, 24 Aug 2017 19:45:25 -0400 Subject: [PATCH 2/6] eigrpd, ospfd: Cleanup inet_aton return code checking Signed-off-by: Donald Sharp --- eigrpd/eigrp_vty.c | 12 ++++++++++-- ospfd/ospf_vty.c | 30 ++++++++++++++++++++++++------ 2 files changed, 34 insertions(+), 8 deletions(-) diff --git a/eigrpd/eigrp_vty.c b/eigrpd/eigrp_vty.c index 4a8842f30e..c0f8d36b49 100644 --- a/eigrpd/eigrp_vty.c +++ b/eigrpd/eigrp_vty.c @@ -1267,7 +1267,11 @@ DEFUN (clear_ip_eigrp_neighbors_IP, struct eigrp_neighbor *nbr; struct in_addr nbr_addr; - inet_aton(argv[4]->arg, &nbr_addr); + if (!inet_aton(argv[4]->arg, &nbr_addr)) { + vty_out(vty, "Unable to parse %s", + argv[4]->arg); + return CMD_WARNING; + } /* Check if eigrp process is enabled */ eigrp = eigrp_lookup(); @@ -1370,7 +1374,11 @@ DEFUN (clear_ip_eigrp_neighbors_IP_soft, struct eigrp_neighbor *nbr; struct in_addr nbr_addr; - inet_aton(argv[4]->arg, &nbr_addr); + if (!inet_aton(argv[4]->arg, &nbr_addr)) { + vty_out(vty, "Unable to parse: %s", + argv[4]->arg); + return CMD_WARNING; + } /* Check if eigrp process is enabled */ eigrp = eigrp_lookup(); diff --git a/ospfd/ospf_vty.c b/ospfd/ospf_vty.c index 87aef1ea97..96b6fe8bf9 100644 --- a/ospfd/ospf_vty.c +++ b/ospfd/ospf_vty.c @@ -2306,7 +2306,10 @@ DEFUN (ospf_neighbor, unsigned int priority = OSPF_NEIGHBOR_PRIORITY_DEFAULT; unsigned int interval = OSPF_POLL_INTERVAL_DEFAULT; - inet_aton(argv[idx_ipv4]->arg, &nbr_addr); + if (!inet_aton(argv[idx_ipv4]->arg, &nbr_addr)) { + vty_out(vty, "Please specify Neighbor ID by A.B.C.D\n"); + return CMD_WARNING_CONFIG_FAILED; + } if (argc > 2) priority = strtoul(argv[idx_pri]->arg, NULL, 10); @@ -2343,7 +2346,10 @@ DEFUN (ospf_neighbor_poll_interval, unsigned int priority = OSPF_NEIGHBOR_PRIORITY_DEFAULT; unsigned int interval = OSPF_POLL_INTERVAL_DEFAULT; - inet_aton(argv[idx_ipv4]->arg, &nbr_addr); + if (!inet_aton(argv[idx_ipv4]->arg, &nbr_addr)) { + vty_out(vty, "Please specify Neighbor ID by A.B.C.D\n"); + return CMD_WARNING_CONFIG_FAILED; + } interval = strtoul(argv[idx_poll]->arg, NULL, 10); @@ -2374,7 +2380,10 @@ DEFUN (no_ospf_neighbor, int idx_ipv4 = 2; struct in_addr nbr_addr; - inet_aton(argv[idx_ipv4]->arg, &nbr_addr); + if (!inet_aton(argv[idx_ipv4]->arg, &nbr_addr)) { + vty_out(vty, "Please specify Neighbor ID by A.B.C.D\n"); + return CMD_WARNING_CONFIG_FAILED; + } (void)ospf_nbr_nbma_unset(ospf, nbr_addr); @@ -2396,7 +2405,10 @@ DEFUN (no_ospf_neighbor_poll, int idx_ipv4 = 2; struct in_addr nbr_addr; - inet_aton(argv[idx_ipv4]->arg, &nbr_addr); + if (!inet_aton(argv[idx_ipv4]->arg, &nbr_addr)) { + vty_out(vty, "Please specify Neighbor ID by A.B.C.D\n"); + return CMD_WARNING_CONFIG_FAILED; + } (void)ospf_nbr_nbma_unset(ospf, nbr_addr); @@ -6958,7 +6970,10 @@ DEFUN (ip_ospf_area, // Check if we have an address arg and proccess it if (argc == idx + 3) { - inet_aton(argv[idx + 2]->arg, &addr); + if (!inet_aton(argv[idx + 2]->arg, &addr)) { + vty_out(vty, "Please specify Intf Address by A.B.C.D\n"); + return CMD_WARNING_CONFIG_FAILED; + } // update/create address-level params params = ospf_get_if_params((ifp), (addr)); if (OSPF_IF_PARAM_CONFIGURED(params, if_area)) { @@ -7017,7 +7032,10 @@ DEFUN (no_ip_ospf_area, // Check if we have an address arg and proccess it if (argc == idx + 3) { - inet_aton(argv[idx + 2]->arg, &addr); + if (!inet_aton(argv[idx + 2]->arg, &addr)) { + vty_out(vty, "Please specify Intf Address by A.B.C.D\n"); + return CMD_WARNING_CONFIG_FAILED; + } params = ospf_lookup_if_params(ifp, addr); if ((params) == NULL) return CMD_SUCCESS; From e691f179b6c6fc26536e68958f19ff6983a03274 Mon Sep 17 00:00:00 2001 From: Donald Sharp Date: Thu, 24 Aug 2017 19:54:21 -0400 Subject: [PATCH 3/6] pimd: Cleanup a variety of SA issues 1) Error check return from setsockopt and sockets 2) Check return codes for str2prefix 3) Clean up some potential NULL References Signed-off-by: Donald Sharp --- pimd/pim_cmd.c | 3 +++ pimd/pim_instance.c | 15 ++++++++++----- pimd/pim_mroute.c | 23 ++++++++++++++--------- pimd/pim_msdp_socket.c | 16 ++++++++++++++-- pimd/pim_rp.c | 4 +++- pimd/pim_sock.c | 9 ++++----- pimd/pim_sock.h | 2 +- pimd/pim_ssm.c | 5 ++++- pimd/pim_zebra.c | 7 +++++++ 9 files changed, 60 insertions(+), 24 deletions(-) diff --git a/pimd/pim_cmd.c b/pimd/pim_cmd.c index ae509f4a9b..4a9c53cf29 100644 --- a/pimd/pim_cmd.c +++ b/pimd/pim_cmd.c @@ -4895,6 +4895,9 @@ DEFUN (show_ip_mroute_count, int idx = 2; struct vrf *vrf = pim_cmd_lookup_vrf(vty, argv, argc, &idx); + if (!vrf) + return CMD_WARNING; + show_mroute_count(vrf->info, vty); return CMD_SUCCESS; } diff --git a/pimd/pim_instance.c b/pimd/pim_instance.c index 7fc77556ec..d1f8085b48 100644 --- a/pimd/pim_instance.c +++ b/pimd/pim_instance.c @@ -195,11 +195,16 @@ static int pim_vrf_config_write(struct vty *vty) RB_FOREACH(vrf, vrf_name_head, &vrfs_by_name) { pim = vrf->info; - if (!pim || vrf->vrf_id != VRF_DEFAULT) { - vty_out(vty, "vrf %s\n", vrf->name); - pim_global_config_write_worker(pim, vty); - vty_out(vty, "!\n"); - } + + if (!pim) + continue; + + if (vrf->vrf_id == VRF_DEFAULT) + continue; + + vty_out(vty, "vrf %s\n", vrf->name); + pim_global_config_write_worker(pim, vty); + vty_out(vty, "!\n"); } return 0; diff --git a/pimd/pim_mroute.c b/pimd/pim_mroute.c index 52d240f54b..dca3bf4af3 100644 --- a/pimd/pim_mroute.c +++ b/pimd/pim_mroute.c @@ -713,21 +713,26 @@ int pim_mroute_socket_enable(struct pim_instance *pim) fd = socket(AF_INET, SOCK_RAW, IPPROTO_IGMP); -#ifdef SO_BINDTODEVICE - setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, pim->vrf->name, - strlen(pim->vrf->name)); -#endif - - if (pimd_privs.change(ZPRIVS_LOWER)) - zlog_err("pim_mroute_socket_enable: could not lower privs, %s", - safe_strerror(errno)); - if (fd < 0) { zlog_warn("Could not create mroute socket: errno=%d: %s", errno, safe_strerror(errno)); return -2; } +#ifdef SO_BINDTODEVICE + if (setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, pim->vrf->name, + strlen(pim->vrf->name))) { + zlog_warn("Could not setsockopt SO_BINDTODEVICE: %s", + safe_strerror(errno)); + close(fd); + return -3; + } +#endif + + if (pimd_privs.change(ZPRIVS_LOWER)) + zlog_err("pim_mroute_socket_enable: could not lower privs, %s", + safe_strerror(errno)); + pim->mroute_socket = fd; if (pim_mroute_set(pim, 1)) { zlog_warn( diff --git a/pimd/pim_msdp_socket.c b/pimd/pim_msdp_socket.c index 9473462e63..f245a04353 100644 --- a/pimd/pim_msdp_socket.c +++ b/pimd/pim_msdp_socket.c @@ -156,9 +156,15 @@ int pim_msdp_sock_listen(struct pim_instance *pim) if (!ifp) { zlog_err("%s: Unable to lookup vrf interface: %s", __PRETTY_FUNCTION__, pim->vrf->name); + close(sock); + return -1; + } + if (pim_socket_bind(sock, ifp)) { + zlog_err("%s: Unable to bind to socket: %s", + __PRETTY_FUNCTION__, safe_strerror(errno)); + close(sock); return -1; } - pim_socket_bind(sock, ifp); } if (pimd_privs.change(ZPRIVS_RAISE)) { @@ -236,7 +242,13 @@ int pim_msdp_sock_connect(struct pim_msdp_peer *mp) __PRETTY_FUNCTION__, mp->pim->vrf->name); return -1; } - pim_socket_bind(mp->fd, ifp); + if (pim_socket_bind(mp->fd, ifp)) { + zlog_err("%s: Unable to bind to socket: %s", + __PRETTY_FUNCTION__, safe_strerror(errno)); + close(mp->fd); + mp->fd = -1; + return -1; + } } set_nonblocking(mp->fd); diff --git a/pimd/pim_rp.c b/pimd/pim_rp.c index 05592992a9..e2c411a307 100644 --- a/pimd/pim_rp.c +++ b/pimd/pim_rp.c @@ -542,7 +542,9 @@ int pim_rp_del(struct pim_instance *pim, const char *rp, } pim_delete_tracked_nexthop(pim, &nht_p, NULL, rp_info); - str2prefix("224.0.0.0/4", &g_all); + if (!str2prefix("224.0.0.0/4", &g_all)) + return PIM_RP_BAD_ADDRESS; + rp_all = pim_rp_find_match_group(pim, &g_all); if (rp_all == rp_info) { diff --git a/pimd/pim_sock.c b/pimd/pim_sock.c index a4d3d7e4b3..a5a842ceee 100644 --- a/pimd/pim_sock.c +++ b/pimd/pim_sock.c @@ -65,22 +65,21 @@ int pim_socket_raw(int protocol) return fd; } -int pim_socket_ip_hdr(int fd) +void pim_socket_ip_hdr(int fd) { const int on = 1; - int ret; if (pimd_privs.change(ZPRIVS_RAISE)) zlog_err("%s: could not raise privs, %s", __PRETTY_FUNCTION__, safe_strerror(errno)); - ret = setsockopt(fd, IPPROTO_IP, IP_HDRINCL, &on, sizeof(on)); + if (setsockopt(fd, IPPROTO_IP, IP_HDRINCL, &on, sizeof(on))) + zlog_err("%s: Could not turn on IP_HDRINCL option: %s", + __PRETTY_FUNCTION__, safe_strerror(errno)); if (pimd_privs.change(ZPRIVS_LOWER)) zlog_err("%s: could not lower privs, %s", __PRETTY_FUNCTION__, safe_strerror(errno)); - - return ret; } /* diff --git a/pimd/pim_sock.h b/pimd/pim_sock.h index aa46cd6200..358dd39a44 100644 --- a/pimd/pim_sock.h +++ b/pimd/pim_sock.h @@ -36,7 +36,7 @@ #define PIM_SOCK_ERR_BIND (-11) /* Can't bind to interface */ int pim_socket_bind(int fd, struct interface *ifp); -int pim_socket_ip_hdr(int fd); +void pim_socket_ip_hdr(int fd); int pim_socket_raw(int protocol); int pim_socket_mcast(int protocol, struct in_addr ifaddr, struct interface *ifp, u_char loop); diff --git a/pimd/pim_ssm.c b/pimd/pim_ssm.c index 8d270e6205..71bb6f2abd 100644 --- a/pimd/pim_ssm.c +++ b/pimd/pim_ssm.c @@ -71,7 +71,10 @@ static int pim_is_grp_standard_ssm(struct prefix *group) static struct prefix group_ssm; if (first) { - str2prefix(PIM_SSM_STANDARD_RANGE, &group_ssm); + if (!str2prefix(PIM_SSM_STANDARD_RANGE, &group_ssm)) + zlog_err("%s: Failure to Read Group Address: %s", + __PRETTY_FUNCTION__, PIM_SSM_STANDARD_RANGE); + first = 0; } diff --git a/pimd/pim_zebra.c b/pimd/pim_zebra.c index 7b060aef4b..a1107e2424 100644 --- a/pimd/pim_zebra.c +++ b/pimd/pim_zebra.c @@ -184,6 +184,13 @@ static int pim_zebra_if_state_up(int command, struct zclient *zclient, && (ifp->vrf_id != vrf->vrf_id)) { struct interface *master = if_lookup_by_name( vrf->name, vrf->vrf_id); + + if (!master) { + zlog_debug("%s: Unable to find Master interface for %s", + __PRETTY_FUNCTION__, + vrf->name); + return 0; + } zclient_interface_set_master(zclient, master, ifp); } From 0af35d90a125952d04aa892522b6be324f2dfbf7 Mon Sep 17 00:00:00 2001 From: Renato Westphal Date: Thu, 24 Aug 2017 21:43:29 -0300 Subject: [PATCH 4/6] *: fix assorted issues detected by Coverity Scan Signed-off-by: Renato Westphal --- bgpd/bgp_evpn.c | 4 +-- bgpd/bgp_route.c | 4 --- bgpd/bgp_routemap.c | 4 ++- bgpd/rfapi/bgp_rfapi_cfg.c | 62 -------------------------------------- bgpd/rfapi/rfapi_import.c | 3 +- lib/routemap.c | 2 +- ospf6d/ospf6_zebra.c | 6 +--- ospfd/ospf_te.c | 2 +- ripd/ripd.c | 1 + ripngd/ripngd.c | 2 ++ zebra/if_netlink.c | 2 +- zebra/interface.c | 2 +- zebra/ioctl.c | 2 +- zebra/irdp_packet.c | 1 + zebra/rt_netlink.c | 6 ++-- zebra/rtadv.c | 1 + zebra/zebra_mpls.c | 6 ++-- zebra/zebra_mroute.c | 4 +-- zebra/zebra_pw.c | 1 + zebra/zebra_vrf.c | 2 +- zebra/zebra_vty.c | 14 +++++++-- zebra/zebra_vxlan.c | 14 +++++---- 22 files changed, 48 insertions(+), 97 deletions(-) diff --git a/bgpd/bgp_evpn.c b/bgpd/bgp_evpn.c index 0560dc46f9..75c1237bca 100644 --- a/bgpd/bgp_evpn.c +++ b/bgpd/bgp_evpn.c @@ -2042,7 +2042,7 @@ static void evpn_mpattr_encode_type5(struct stream *s, struct prefix *p, /* Prefix contains RD, ESI, EthTag, IP length, IP, GWIP and VNI */ stream_putc(s, 8 + 10 + 4 + 1 + len + 3); stream_put(s, prd->val, 8); - if (attr && attr) + if (attr) stream_put(s, &(attr->evpn_overlay.eth_s_id), 10); else stream_put(s, &temp, 10); @@ -2052,7 +2052,7 @@ static void evpn_mpattr_encode_type5(struct stream *s, struct prefix *p, stream_put_ipv4(s, p_evpn_p->ip.ipaddr_v4.s_addr); else stream_put(s, &p_evpn_p->ip.ipaddr_v6, 16); - if (attr && attr) { + if (attr) { if (IS_IPADDR_V4(&p_evpn_p->ip)) stream_put_ipv4(s, attr->evpn_overlay.gw_ip.ipv4.s_addr); diff --git a/bgpd/bgp_route.c b/bgpd/bgp_route.c index beb1e2a2a0..768b2b8fb6 100644 --- a/bgpd/bgp_route.c +++ b/bgpd/bgp_route.c @@ -10298,10 +10298,6 @@ static int bgp_show_neighbor_route(struct vty *vty, struct peer *peer, return CMD_WARNING; } - /* labeled-unicast routes live in the unicast table */ - if (safi == SAFI_LABELED_UNICAST) - safi = SAFI_UNICAST; - return bgp_show(vty, peer->bgp, afi, safi, type, &peer->su, use_json); } diff --git a/bgpd/bgp_routemap.c b/bgpd/bgp_routemap.c index 5a5d2a5d5d..307880f9d1 100644 --- a/bgpd/bgp_routemap.c +++ b/bgpd/bgp_routemap.c @@ -658,8 +658,10 @@ static void *route_match_vni_compile(const char *arg) return NULL; *vni = strtoul(arg, &end, 10); - if (*end != '\0') + if (*end != '\0') { + XFREE(MTYPE_ROUTE_MAP_COMPILED, vni); return NULL; + } return vni; } diff --git a/bgpd/rfapi/bgp_rfapi_cfg.c b/bgpd/rfapi/bgp_rfapi_cfg.c index c8e2dd9525..e3b446f76a 100644 --- a/bgpd/rfapi/bgp_rfapi_cfg.c +++ b/bgpd/rfapi/bgp_rfapi_cfg.c @@ -2977,11 +2977,6 @@ DEFUN_NOSH (vnc_vrf_policy, struct rfapi_nve_group_cfg *rfg; VTY_DECLVAR_CONTEXT(bgp, bgp); - if (!bgp) { - vty_out(vty, "No BGP process is configured\n"); - return CMD_WARNING_CONFIG_FAILED; - } - /* Search for name */ rfg = bgp_rfapi_cfg_match_byname(bgp, argv[1]->arg, RFAPI_GROUP_CFG_VRF); @@ -3012,10 +3007,6 @@ DEFUN (vnc_no_vrf_policy, { VTY_DECLVAR_CONTEXT(bgp, bgp); - if (!bgp) { - vty_out(vty, "No BGP process is configured\n"); - return CMD_WARNING_CONFIG_FAILED; - } return bgp_rfapi_delete_named_nve_group(vty, bgp, argv[2]->arg, RFAPI_GROUP_CFG_VRF); } @@ -3031,11 +3022,6 @@ DEFUN (vnc_vrf_policy_label, uint32_t label; VTY_DECLVAR_CONTEXT(bgp, bgp); - if (!bgp) { - vty_out(vty, "No BGP process is configured\n"); - return CMD_WARNING_CONFIG_FAILED; - } - /* make sure it's still in list */ if (!listnode_lookup(bgp->rfapi_cfg->nve_groups_sequential, rfg)) { /* Not in list anymore */ @@ -3145,11 +3131,6 @@ DEFUN (vnc_vrf_policy_rt_import, int is_export_bgp = 0; int is_export_zebra = 0; - if (!bgp) { - vty_out(vty, "No BGP process is configured\n"); - return CMD_WARNING_CONFIG_FAILED; - } - /* make sure it's still in list */ if (!listnode_lookup(bgp->rfapi_cfg->nve_groups_sequential, rfg)) { /* Not in list anymore */ @@ -3213,11 +3194,6 @@ DEFUN (vnc_vrf_policy_rt_export, VTY_DECLVAR_CONTEXT(bgp, bgp); int rc; - if (!bgp) { - vty_out(vty, "No BGP process is configured\n"); - return CMD_WARNING_CONFIG_FAILED; - } - /* make sure it's still in list */ if (!listnode_lookup(bgp->rfapi_cfg->nve_groups_sequential, rfg)) { /* Not in list anymore */ @@ -3253,11 +3229,6 @@ DEFUN (vnc_vrf_policy_rt_both, struct listnode *node; struct rfapi_rfg_name *rfgn; - if (!bgp) { - vty_out(vty, "No BGP process is configured\n"); - return CMD_WARNING_CONFIG_FAILED; - } - /* make sure it's still in list */ if (!listnode_lookup(bgp->rfapi_cfg->nve_groups_sequential, rfg)) { /* Not in list anymore */ @@ -3333,11 +3304,6 @@ DEFUN (vnc_vrf_policy_rd, VTY_DECLVAR_CONTEXT_SUB(rfapi_nve_group_cfg, rfg); VTY_DECLVAR_CONTEXT(bgp, bgp); - if (!bgp) { - vty_out(vty, "No BGP process is configured\n"); - return CMD_WARNING_CONFIG_FAILED; - } - /* make sure it's still in list */ if (!listnode_lookup(bgp->rfapi_cfg->nve_groups_sequential, rfg)) { /* Not in list anymore */ @@ -3420,11 +3386,6 @@ DEFUN_NOSH (vnc_l2_group, struct rfapi_l2_group_cfg *rfg; VTY_DECLVAR_CONTEXT(bgp, bgp); - if (!bgp) { - vty_out(vty, "No BGP process is configured\n"); - return CMD_WARNING_CONFIG_FAILED; - } - /* Search for name */ rfg = rfapi_l2_group_lookup_byname(bgp, argv[1]->arg); @@ -3505,10 +3466,6 @@ DEFUN (vnc_no_l2_group, { VTY_DECLVAR_CONTEXT(bgp, bgp); - if (!bgp) { - vty_out(vty, "No BGP process is configured\n"); - return CMD_WARNING_CONFIG_FAILED; - } return bgp_rfapi_delete_named_l2_group(vty, bgp, argv[3]->arg); } @@ -3522,11 +3479,6 @@ DEFUN (vnc_l2_group_lni, VTY_DECLVAR_CONTEXT_SUB(rfapi_l2_group_cfg, rfg); VTY_DECLVAR_CONTEXT(bgp, bgp); - if (!bgp) { - vty_out(vty, "No BGP process is configured\n"); - return CMD_WARNING_CONFIG_FAILED; - } - /* make sure it's still in list */ if (!listnode_lookup(bgp->rfapi_cfg->l2_groups, rfg)) { /* Not in list anymore */ @@ -3549,11 +3501,6 @@ DEFUN (vnc_l2_group_labels, VTY_DECLVAR_CONTEXT(bgp, bgp); struct list *ll; - if (!bgp) { - vty_out(vty, "No BGP process is configured\n"); - return CMD_WARNING_CONFIG_FAILED; - } - /* make sure it's still in list */ if (!listnode_lookup(bgp->rfapi_cfg->l2_groups, rfg)) { /* Not in list anymore */ @@ -3589,11 +3536,6 @@ DEFUN (vnc_l2_group_no_labels, VTY_DECLVAR_CONTEXT(bgp, bgp); struct list *ll; - if (!bgp) { - vty_out(vty, "No BGP process is configured\n"); - return CMD_WARNING_CONFIG_FAILED; - } - /* make sure it's still in list */ if (!listnode_lookup(bgp->rfapi_cfg->l2_groups, rfg)) { /* Not in list anymore */ @@ -3646,10 +3588,6 @@ DEFUN (vnc_l2_group_rt, vty_out(vty, "Unknown option, %s\n", argv[1]->arg); return CMD_ERR_NO_MATCH; } - if (!bgp) { - vty_out(vty, "No BGP process is configured\n"); - return CMD_WARNING_CONFIG_FAILED; - } /* make sure it's still in list */ if (!listnode_lookup(bgp->rfapi_cfg->l2_groups, rfg)) { diff --git a/bgpd/rfapi/rfapi_import.c b/bgpd/rfapi/rfapi_import.c index d63975a22b..3f427c3903 100644 --- a/bgpd/rfapi/rfapi_import.c +++ b/bgpd/rfapi/rfapi_import.c @@ -3875,10 +3875,9 @@ rfapiBgpInfoFilteredImportFunction(safi_t safi) default: /* not expected */ + zlog_err("%s: bad safi %d", __func__, safi); return NULL; } - zlog_err("%s: bad safi %d", __func__, safi); - return NULL; } void rfapiProcessUpdate(struct peer *peer, diff --git a/lib/routemap.c b/lib/routemap.c index a70248633c..5f74189700 100644 --- a/lib/routemap.c +++ b/lib/routemap.c @@ -2201,7 +2201,7 @@ DEFUN (no_set_ip_nexthop, "Next hop address\n" "IP address of next hop\n") { - int idx; + int idx = 0; VTY_DECLVAR_CONTEXT(route_map_index, index); const char *arg = NULL; diff --git a/ospf6d/ospf6_zebra.c b/ospf6d/ospf6_zebra.c index 3443bc47b6..2d04790d23 100644 --- a/ospf6d/ospf6_zebra.c +++ b/ospf6d/ospf6_zebra.c @@ -231,11 +231,7 @@ static int ospf6_zebra_read_route(int command, struct zclient *zclient, char prefixstr[PREFIX2STR_BUFFER], nexthopstr[128]; prefix2str((struct prefix *)&api.prefix, prefixstr, sizeof(prefixstr)); - if (nexthop) - inet_ntop(AF_INET6, nexthop, nexthopstr, - sizeof(nexthopstr)); - else - snprintf(nexthopstr, sizeof(nexthopstr), "::"); + inet_ntop(AF_INET6, nexthop, nexthopstr, sizeof(nexthopstr)); zlog_debug( "Zebra Receive route %s: %s %s nexthop %s ifindex %ld tag %" ROUTE_TAG_PRI, diff --git a/ospfd/ospf_te.c b/ospfd/ospf_te.c index 1c1c76c1af..5517008909 100644 --- a/ospfd/ospf_te.c +++ b/ospfd/ospf_te.c @@ -2425,7 +2425,7 @@ DEFUN (show_ip_ospf_mpls_te_router, if (ntohs(OspfMplsTE.router_addr.header.type) != 0) show_vty_router_addr(vty, &OspfMplsTE.router_addr.header); - else if (vty != NULL) + else vty_out(vty, " N/A\n"); } return CMD_SUCCESS; diff --git a/ripd/ripd.c b/ripd/ripd.c index d9b38bba89..36eceafd9b 100644 --- a/ripd/ripd.c +++ b/ripd/ripd.c @@ -1685,6 +1685,7 @@ int rip_recvmsg(int sock, u_char *buf, int size, struct sockaddr_in *from, struct cmsghdr *ptr; char adata[1024]; + memset(&msg, 0, sizeof(msg)); msg.msg_name = (void *)from; msg.msg_namelen = sizeof(struct sockaddr_in); msg.msg_iov = &iov; diff --git a/ripngd/ripngd.c b/ripngd/ripngd.c index 2883698f47..d8017622d1 100644 --- a/ripngd/ripngd.c +++ b/ripngd/ripngd.c @@ -176,6 +176,7 @@ int ripng_send_packet(caddr_t buf, int bufsize, struct sockaddr_in6 *to, addr.sin6_port = htons(RIPNG_PORT_DEFAULT); } + memset(&msg, 0, sizeof(msg)); msg.msg_name = (void *)&addr; msg.msg_namelen = sizeof(struct sockaddr_in6); msg.msg_iov = &iov; @@ -228,6 +229,7 @@ static int ripng_recv_packet(int sock, u_char *buf, int bufsize, char adata[1024]; /* Fill in message and iovec. */ + memset(&msg, 0, sizeof(msg)); msg.msg_name = (void *)from; msg.msg_namelen = sizeof(struct sockaddr_in6); msg.msg_iov = &iov; diff --git a/zebra/if_netlink.c b/zebra/if_netlink.c index 0d08155178..ff69ce47cf 100644 --- a/zebra/if_netlink.c +++ b/zebra/if_netlink.c @@ -393,7 +393,7 @@ static int get_iflink_speed(const char *ifname) memset(&ifdata, 0, sizeof(ifdata)); /* set interface name */ - strcpy(ifdata.ifr_name, ifname); + strlcpy(ifdata.ifr_name, ifname, sizeof(ifdata.ifr_name)); /* initialize ethtool interface */ memset(&ecmd, 0, sizeof(ecmd)); diff --git a/zebra/interface.c b/zebra/interface.c index c17e408ea0..12312ff43a 100644 --- a/zebra/interface.c +++ b/zebra/interface.c @@ -493,7 +493,7 @@ void if_add_update(struct interface *ifp) if (!CHECK_FLAG(ifp->status, ZEBRA_INTERFACE_ACTIVE)) { SET_FLAG(ifp->status, ZEBRA_INTERFACE_ACTIVE); - if (if_data && if_data->shutdown == IF_ZEBRA_SHUTDOWN_ON) { + if (if_data->shutdown == IF_ZEBRA_SHUTDOWN_ON) { if (IS_ZEBRA_DEBUG_KERNEL) zlog_debug( "interface %s vrf %u index %d is shutdown. " diff --git a/zebra/ioctl.c b/zebra/ioctl.c index 835f1f4934..4404bb4483 100644 --- a/zebra/ioctl.c +++ b/zebra/ioctl.c @@ -44,7 +44,7 @@ extern struct zebra_privs_t zserv_privs; /* clear and set interface name string */ void ifreq_set_name(struct ifreq *ifreq, struct interface *ifp) { - strncpy(ifreq->ifr_name, ifp->name, IFNAMSIZ); + strlcpy(ifreq->ifr_name, ifp->name, sizeof(ifreq->ifr_name)); } /* call ioctl system call */ diff --git a/zebra/irdp_packet.c b/zebra/irdp_packet.c index 0832245536..11bc9b0440 100644 --- a/zebra/irdp_packet.c +++ b/zebra/irdp_packet.c @@ -182,6 +182,7 @@ static int irdp_recvmsg(int sock, u_char *buf, int size, int *ifindex) char adata[CMSG_SPACE(SOPT_SIZE_CMSG_PKTINFO_IPV4())]; int ret; + memset(&msg, 0, sizeof(msg)); msg.msg_name = (void *)0; msg.msg_namelen = 0; msg.msg_iov = &iov; diff --git a/zebra/rt_netlink.c b/zebra/rt_netlink.c index e28fe5630a..c2e8349bf5 100644 --- a/zebra/rt_netlink.c +++ b/zebra/rt_netlink.c @@ -558,8 +558,8 @@ static int netlink_route_change_read_multicast(struct sockaddr_nl *snl, if (IS_ZEBRA_DEBUG_KERNEL) { struct interface *ifp; - strcpy(sbuf, inet_ntoa(m->sg.src)); - strcpy(gbuf, inet_ntoa(m->sg.grp)); + strlcpy(sbuf, inet_ntoa(m->sg.src), sizeof(sbuf)); + strlcpy(gbuf, inet_ntoa(m->sg.grp), sizeof(gbuf)); for (count = 0; count < oif_count; count++) { ifp = if_lookup_by_index(oif[count], vrf); char temp[256]; @@ -1553,6 +1553,8 @@ int kernel_get_ipmr_sg_stats(struct zebra_vrf *zvrf, void *in) int kernel_route_rib(struct prefix *p, struct prefix *src_p, struct route_entry *old, struct route_entry *new) { + assert(old || new); + if (!old && new) return netlink_route_multipath(RTM_NEWROUTE, p, src_p, new, 0); if (old && !new) diff --git a/zebra/rtadv.c b/zebra/rtadv.c index 2182d6618c..295975c5ca 100644 --- a/zebra/rtadv.c +++ b/zebra/rtadv.c @@ -107,6 +107,7 @@ static int rtadv_recv_packet(struct zebra_ns *zns, int sock, u_char *buf, char adata[1024]; /* Fill in message and iovec. */ + memset(&msg, 0, sizeof(msg)); msg.msg_name = (void *)from; msg.msg_namelen = sizeof(struct sockaddr_in6); msg.msg_iov = &iov; diff --git a/zebra/zebra_mpls.c b/zebra/zebra_mpls.c index cee3a03858..3c4de40db3 100644 --- a/zebra/zebra_mpls.c +++ b/zebra/zebra_mpls.c @@ -840,7 +840,7 @@ static void lsp_schedule(struct hash_backet *backet, void *ctxt) zebra_lsp_t *lsp; lsp = (zebra_lsp_t *)backet->data; - lsp_processq_add(lsp); + (void)lsp_processq_add(lsp); } /* @@ -2718,10 +2718,10 @@ int zebra_mpls_write_lsp_config(struct vty *vty, struct zebra_vrf *zvrf) for (ALL_LIST_ELEMENTS_RO(slsp_list, node, slsp)) { for (snhlfe = slsp->snhlfe_list; snhlfe; snhlfe = snhlfe->next) { - char buf[INET6_ADDRSTRLEN]; + char buf[BUFSIZ]; char lstr[30]; - snhlfe2str(snhlfe, buf, BUFSIZ); + snhlfe2str(snhlfe, buf, sizeof(buf)); switch (snhlfe->out_label) { case MPLS_V4_EXP_NULL_LABEL: case MPLS_V6_EXP_NULL_LABEL: diff --git a/zebra/zebra_mroute.c b/zebra/zebra_mroute.c index c4d674df23..75d5d5d627 100644 --- a/zebra/zebra_mroute.c +++ b/zebra/zebra_mroute.c @@ -48,8 +48,8 @@ int zebra_ipmr_route_stats(struct zserv *client, int fd, u_short length, char sbuf[40]; char gbuf[40]; - strcpy(sbuf, inet_ntoa(mroute.sg.src)); - strcpy(gbuf, inet_ntoa(mroute.sg.grp)); + strlcpy(sbuf, inet_ntoa(mroute.sg.src), sizeof(sbuf)); + strlcpy(gbuf, inet_ntoa(mroute.sg.grp), sizeof(gbuf)); zlog_debug("Asking for (%s,%s) mroute information", sbuf, gbuf); } diff --git a/zebra/zebra_pw.c b/zebra/zebra_pw.c index 0b6263fac5..ce9f19c3cc 100644 --- a/zebra/zebra_pw.c +++ b/zebra/zebra_pw.c @@ -328,6 +328,7 @@ DEFUN_NOSH (pseudowire_if, if (!pw) return CMD_SUCCESS; zebra_pw_del(zvrf, pw); + return CMD_SUCCESS; } if (!pw) diff --git a/zebra/zebra_vrf.c b/zebra/zebra_vrf.c index ff140bad67..82c0524a8f 100644 --- a/zebra/zebra_vrf.c +++ b/zebra/zebra_vrf.c @@ -470,7 +470,7 @@ static int vrf_config_write(struct vty *vty) RB_FOREACH(vrf, vrf_name_head, &vrfs_by_name) { zvrf = vrf->info; - if (!zvrf || strcmp(zvrf_name(zvrf), VRF_DEFAULT_NAME)) { + if (strcmp(zvrf_name(zvrf), VRF_DEFAULT_NAME)) { vty_out(vty, "vrf %s\n", zvrf_name(zvrf)); vty_out(vty, "!\n"); } diff --git a/zebra/zebra_vty.c b/zebra/zebra_vty.c index 9f887e8401..7649d5f358 100644 --- a/zebra/zebra_vty.c +++ b/zebra/zebra_vty.c @@ -1181,7 +1181,10 @@ DEFUN (show_ip_route, tag = strtoul(argv[idx + 1]->arg, NULL, 10); else if (argv_find(argv, argc, "A.B.C.D/M", &idx)) { - str2prefix(argv[idx]->arg, &p); + if (str2prefix(argv[idx]->arg, &p) <= 0) { + vty_out(vty, "%% Malformed prefix\n"); + return CMD_WARNING; + } longer_prefixes = true; } @@ -1834,7 +1837,10 @@ DEFUN (show_ipv6_route, tag = strtoul(argv[idx + 1]->arg, NULL, 10); else if (argv_find(argv, argc, "X:X::X:X/M", &idx)) { - str2prefix(argv[idx]->arg, &p); + if (str2prefix(argv[idx]->arg, &p) <= 0) { + vty_out(vty, "%% Malformed prefix\n"); + return CMD_WARNING; + } longer_prefixes = true; } @@ -2572,6 +2578,8 @@ DEFUN (ip_zebra_import_table_distance, vty_out(vty, "Invalid routing table ID, %d. Must be in range 1-252\n", table_id); + if (rmap) + XFREE(MTYPE_ROUTE_MAP_NAME, rmap); return CMD_WARNING; } @@ -2579,6 +2587,8 @@ DEFUN (ip_zebra_import_table_distance, vty_out(vty, "Invalid routing table ID, %d. Must be non-default table\n", table_id); + if (rmap) + XFREE(MTYPE_ROUTE_MAP_NAME, rmap); return CMD_WARNING; } diff --git a/zebra/zebra_vxlan.c b/zebra/zebra_vxlan.c index f99c16ae91..b20ba7d9f5 100644 --- a/zebra/zebra_vxlan.c +++ b/zebra/zebra_vxlan.c @@ -1343,8 +1343,7 @@ static int zvni_gw_macip_add(struct interface *ifp, zebra_vni_t *zvni, zlog_err( "%u:Failed to add neighbor %s MAC %s intf %s(%u) -> VNI %u", ifp->vrf_id, ipaddr2str(ip, buf2, sizeof(buf2)), - prefix_mac2str(macaddr, NULL, - ETHER_ADDR_STRLEN), + prefix_mac2str(macaddr, buf, sizeof(buf)), ifp->name, ifp->ifindex, zvni->vni); return -1; } @@ -1380,6 +1379,7 @@ static int zvni_gw_macip_del(struct interface *ifp, zebra_vni_t *zvni, struct zebra_vrf *zvrf = NULL; zebra_neigh_t *n = NULL; zebra_mac_t *mac = NULL; + char buf1[ETHER_ADDR_STRLEN]; char buf2[INET6_ADDRSTRLEN]; zvrf = vrf_info_lookup(zvni->vxlan_if->vrf_id); @@ -1393,11 +1393,13 @@ static int zvni_gw_macip_del(struct interface *ifp, zebra_vni_t *zvni, /* mac entry should be present */ mac = zvni_mac_lookup(zvni, &n->emac); - if (!mac) - zlog_err("%u: MAC %s doesnt exsists for neigh %s on VNI %u", + if (!mac) { + zlog_err("%u: MAC %s doesnt exists for neigh %s on VNI %u", ifp->vrf_id, - prefix_mac2str(&n->emac, NULL, ETHER_ADDR_STRLEN), + prefix_mac2str(&n->emac, buf1, sizeof(buf1)), ipaddr2str(ip, buf2, sizeof(buf2)), zvni->vni); + return -1; + } /* If the entry is not local nothing to do*/ if (!CHECK_FLAG(n->flags, ZEBRA_NEIGH_LOCAL)) @@ -1407,7 +1409,7 @@ static int zvni_gw_macip_del(struct interface *ifp, zebra_vni_t *zvni, zlog_debug( "%u:SVI %s(%u) VNI %u, sending GW MAC %s IP %s del to BGP", ifp->vrf_id, ifp->name, ifp->ifindex, zvni->vni, - prefix_mac2str(&(n->emac), NULL, ETHER_ADDR_STRLEN), + prefix_mac2str(&(n->emac), buf1, sizeof(buf1)), ipaddr2str(ip, buf2, sizeof(buf2))); /* Remove neighbor from BGP. */ From 9ca25fedba875265f191af92f1887d35076b6403 Mon Sep 17 00:00:00 2001 From: Donald Sharp Date: Fri, 25 Aug 2017 08:31:03 -0400 Subject: [PATCH 5/6] *: Add RMAP_COMPILE_SUCCESS to enum Add the RMAP_COMPILE_SUCCESS and switch over to using it. Refactoring allows a removal of a if statement to just use the switch statement already in place. Additionally the reworking cleans up memory freeing in a couple of spots. In one spot we no longer will leak memory too. Signed-off-by: Donald Sharp --- bgpd/bgp_routemap.c | 61 ++++++++++--------- eigrpd/eigrp_routemap.c | 97 ++++++++++++++++-------------- lib/routemap.c | 127 +++++++++++++++++++++------------------- lib/routemap.h | 4 +- ospf6d/ospf6_asbr.c | 11 ++-- zebra/zebra_routemap.c | 55 +++++++++-------- 6 files changed, 188 insertions(+), 167 deletions(-) diff --git a/bgpd/bgp_routemap.c b/bgpd/bgp_routemap.c index 307880f9d1..602bacde28 100644 --- a/bgpd/bgp_routemap.c +++ b/bgpd/bgp_routemap.c @@ -2671,25 +2671,27 @@ static int bgp_route_match_add(struct vty *vty, const char *command, const char *arg, route_map_event_t type) { VTY_DECLVAR_CONTEXT(route_map_index, index); + int retval = CMD_SUCCESS; int ret; ret = route_map_add_match(index, command, arg); - if (ret) { - switch (ret) { - case RMAP_RULE_MISSING: - vty_out(vty, "%% BGP Can't find rule.\n"); - return CMD_WARNING_CONFIG_FAILED; - case RMAP_COMPILE_ERROR: - vty_out(vty, "%% BGP Argument is malformed.\n"); - return CMD_WARNING_CONFIG_FAILED; + switch (ret) { + case RMAP_RULE_MISSING: + vty_out(vty, "%% BGP Can't find rule.\n"); + retval = CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_ERROR: + vty_out(vty, "%% BGP Argument is malformed.\n"); + retval = CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_SUCCESS: + if (type != RMAP_EVENT_MATCH_ADDED) { + route_map_upd8_dependency(type, arg, index->map->name); } + break; } - if (type != RMAP_EVENT_MATCH_ADDED) { - route_map_upd8_dependency(type, arg, index->map->name); - } - - return CMD_SUCCESS; + return retval; } /* Delete bgp route map rule. */ @@ -2698,6 +2700,7 @@ static int bgp_route_match_delete(struct vty *vty, const char *command, { VTY_DECLVAR_CONTEXT(route_map_index, index); int ret; + int retval = CMD_SUCCESS; char *dep_name = NULL; const char *tmpstr; char *rmap_name = NULL; @@ -2716,31 +2719,27 @@ static int bgp_route_match_delete(struct vty *vty, const char *command, } ret = route_map_delete_match(index, command, dep_name); - if (ret) { - switch (ret) { - case RMAP_RULE_MISSING: - vty_out(vty, "%% BGP Can't find rule.\n"); - break; - case RMAP_COMPILE_ERROR: - vty_out(vty, "%% BGP Argument is malformed.\n"); - break; - } - if (dep_name) - XFREE(MTYPE_ROUTE_MAP_RULE, dep_name); - if (rmap_name) - XFREE(MTYPE_ROUTE_MAP_NAME, rmap_name); - return CMD_WARNING_CONFIG_FAILED; + switch (ret) { + case RMAP_RULE_MISSING: + vty_out(vty, "%% BGP Can't find rule.\n"); + retval = CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_ERROR: + vty_out(vty, "%% BGP Argument is malformed.\n"); + retval = CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_SUCCESS: + if (type != RMAP_EVENT_MATCH_DELETED && dep_name) + route_map_upd8_dependency(type, dep_name, rmap_name); + break; } - if (type != RMAP_EVENT_MATCH_DELETED && dep_name) - route_map_upd8_dependency(type, dep_name, rmap_name); - if (dep_name) XFREE(MTYPE_ROUTE_MAP_RULE, dep_name); if (rmap_name) XFREE(MTYPE_ROUTE_MAP_NAME, rmap_name); - return CMD_SUCCESS; + return retval; } /* diff --git a/eigrpd/eigrp_routemap.c b/eigrpd/eigrp_routemap.c index b645ed1987..360e28adf7 100644 --- a/eigrpd/eigrp_routemap.c +++ b/eigrpd/eigrp_routemap.c @@ -137,16 +137,19 @@ static int eigrp_route_match_add(struct vty *vty, struct route_map_index *index, { int ret; ret = route_map_add_match(index, command, arg); - if (ret) { - switch (ret) { - case RMAP_RULE_MISSING: - vty_out(vty, "%% Can't find rule.\n"); - return CMD_WARNING_CONFIG_FAILED; - case RMAP_COMPILE_ERROR: - vty_out(vty, "%% Argument is malformed.\n"); - return CMD_WARNING_CONFIG_FAILED; - } + switch (ret) { + case RMAP_RULE_MISSING: + vty_out(vty, "%% Can't find rule.\n"); + return CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_ERROR: + vty_out(vty, "%% Argument is malformed.\n"); + return CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_SUCCESS: + break; } + return CMD_SUCCESS; } @@ -157,16 +160,19 @@ static int eigrp_route_match_delete(struct vty *vty, { int ret; ret = route_map_delete_match(index, command, arg); - if (ret) { - switch (ret) { - case RMAP_RULE_MISSING: - vty_out(vty, "%% Can't find rule.\n"); - return CMD_WARNING_CONFIG_FAILED; - case RMAP_COMPILE_ERROR: - vty_out(vty, "%% Argument is malformed.\n"); - return CMD_WARNING_CONFIG_FAILED; - } + switch (ret) { + case RMAP_RULE_MISSING: + vty_out(vty, "%% Can't find rule.\n"); + return CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_ERROR: + vty_out(vty, "%% Argument is malformed.\n"); + return CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_SUCCESS: + break; } + return CMD_SUCCESS; } @@ -177,25 +183,27 @@ static int eigrp_route_set_add(struct vty *vty, struct route_map_index *index, int ret; ret = route_map_add_set(index, command, arg); - if (ret) { - switch (ret) { - case RMAP_RULE_MISSING: - vty_out(vty, "%% Can't find rule.\n"); + switch (ret) { + case RMAP_RULE_MISSING: + vty_out(vty, "%% Can't find rule.\n"); + return CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_ERROR: + /* + * rip, ripng and other protocols share the set metric command + * but only values from 0 to 16 are valid for rip and ripng + * if metric is out of range for rip and ripng, it is + * not for other protocols. Do not return an error + */ + if (strcmp(command, "metric")) { + vty_out(vty, "%% Argument is malformed.\n"); return CMD_WARNING_CONFIG_FAILED; - case RMAP_COMPILE_ERROR: - /* rip, ripng and other protocols share the set metric - command - but only values from 0 to 16 are valid for rip and - ripng - if metric is out of range for rip and ripng, it is - not for - other protocols. Do not return an error */ - if (strcmp(command, "metric")) { - vty_out(vty, "%% Argument is malformed.\n"); - return CMD_WARNING_CONFIG_FAILED; - } } + break; + case RMAP_COMPILE_SUCCESS: + break; } + return CMD_SUCCESS; } @@ -207,16 +215,19 @@ static int eigrp_route_set_delete(struct vty *vty, int ret; ret = route_map_delete_set(index, command, arg); - if (ret) { - switch (ret) { - case RMAP_RULE_MISSING: - vty_out(vty, "%% Can't find rule.\n"); - return CMD_WARNING_CONFIG_FAILED; - case RMAP_COMPILE_ERROR: - vty_out(vty, "%% Argument is malformed.\n"); - return CMD_WARNING_CONFIG_FAILED; - } + switch (ret) { + case RMAP_RULE_MISSING: + vty_out(vty, "%% Can't find rule.\n"); + return CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_ERROR: + vty_out(vty, "%% Argument is malformed.\n"); + return CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_SUCCESS: + break; } + return CMD_SUCCESS; } diff --git a/lib/routemap.c b/lib/routemap.c index 5f74189700..409c9c3780 100644 --- a/lib/routemap.c +++ b/lib/routemap.c @@ -416,23 +416,25 @@ int generic_match_add(struct vty *vty, struct route_map_index *index, int ret; ret = route_map_add_match(index, command, arg); - if (ret) { - switch (ret) { - case RMAP_RULE_MISSING: - vty_out(vty, "%% [%s] Can't find rule.\n", - frr_protonameinst); - return CMD_WARNING_CONFIG_FAILED; - case RMAP_COMPILE_ERROR: - vty_out(vty, - "%% [%s] Argument form is unsupported or malformed.\n", - frr_protonameinst); - return CMD_WARNING_CONFIG_FAILED; + switch (ret) { + case RMAP_COMPILE_SUCCESS: + if (type != RMAP_EVENT_MATCH_ADDED) { + route_map_upd8_dependency(type, arg, index->map->name); } + break; + case RMAP_RULE_MISSING: + vty_out(vty, "%% [%s] Can't find rule.\n", + frr_protonameinst); + return CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_ERROR: + vty_out(vty, + "%% [%s] Argument form is unsupported or malformed.\n", + frr_protonameinst); + return CMD_WARNING_CONFIG_FAILED; + break; } - if (type != RMAP_EVENT_MATCH_ADDED) { - route_map_upd8_dependency(type, arg, index->map->name); - } return CMD_SUCCESS; } @@ -441,6 +443,7 @@ int generic_match_delete(struct vty *vty, struct route_map_index *index, route_map_event_t type) { int ret; + int retval = CMD_SUCCESS; char *dep_name = NULL; const char *tmpstr; char *rmap_name = NULL; @@ -459,34 +462,30 @@ int generic_match_delete(struct vty *vty, struct route_map_index *index, } ret = route_map_delete_match(index, command, dep_name); - if (ret) { - switch (ret) { - case RMAP_RULE_MISSING: - vty_out(vty, "%% [%s] Can't find rule.\n", - frr_protonameinst); - break; - case RMAP_COMPILE_ERROR: - vty_out(vty, - "%% [%s] Argument form is unsupported or malformed.\n", - frr_protonameinst); - break; - } - if (dep_name) - XFREE(MTYPE_ROUTE_MAP_RULE, dep_name); - if (rmap_name) - XFREE(MTYPE_ROUTE_MAP_NAME, rmap_name); - return CMD_WARNING_CONFIG_FAILED; + switch (ret) { + case RMAP_RULE_MISSING: + vty_out(vty, "%% [%s] Can't find rule.\n", + frr_protonameinst); + retval = CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_ERROR: + vty_out(vty, + "%% [%s] Argument form is unsupported or malformed.\n", + frr_protonameinst); + retval = CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_SUCCESS: + if (type != RMAP_EVENT_MATCH_DELETED && dep_name) + route_map_upd8_dependency(type, dep_name, rmap_name); + break; } - if (type != RMAP_EVENT_MATCH_DELETED && dep_name) - route_map_upd8_dependency(type, dep_name, rmap_name); - if (dep_name) XFREE(MTYPE_ROUTE_MAP_RULE, dep_name); if (rmap_name) XFREE(MTYPE_ROUTE_MAP_NAME, rmap_name); - return CMD_SUCCESS; + return retval; } int generic_set_add(struct vty *vty, struct route_map_index *index, @@ -495,19 +494,22 @@ int generic_set_add(struct vty *vty, struct route_map_index *index, int ret; ret = route_map_add_set(index, command, arg); - if (ret) { - switch (ret) { - case RMAP_RULE_MISSING: - vty_out(vty, "%% [%s] Can't find rule.\n", - frr_protonameinst); - return CMD_WARNING_CONFIG_FAILED; - case RMAP_COMPILE_ERROR: - vty_out(vty, - "%% [%s] Argument form is unsupported or malformed.\n", - frr_protonameinst); - return CMD_WARNING_CONFIG_FAILED; - } + switch (ret) { + case RMAP_RULE_MISSING: + vty_out(vty, "%% [%s] Can't find rule.\n", + frr_protonameinst); + return CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_ERROR: + vty_out(vty, + "%% [%s] Argument form is unsupported or malformed.\n", + frr_protonameinst); + return CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_SUCCESS: + break; } + return CMD_SUCCESS; } @@ -517,19 +519,22 @@ int generic_set_delete(struct vty *vty, struct route_map_index *index, int ret; ret = route_map_delete_set(index, command, arg); - if (ret) { - switch (ret) { - case RMAP_RULE_MISSING: - vty_out(vty, "%% [%s] Can't find rule.\n", - frr_protonameinst); - return CMD_WARNING_CONFIG_FAILED; - case RMAP_COMPILE_ERROR: - vty_out(vty, - "%% [%s] Argument form is unsupported or malformed.\n", - frr_protonameinst); - return CMD_WARNING_CONFIG_FAILED; - } + switch (ret) { + case RMAP_RULE_MISSING: + vty_out(vty, "%% [%s] Can't find rule.\n", + frr_protonameinst); + return CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_ERROR: + vty_out(vty, + "%% [%s] Argument form is unsupported or malformed.\n", + frr_protonameinst); + return CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_SUCCESS: + break; } + return CMD_SUCCESS; } @@ -1217,7 +1222,7 @@ int route_map_add_match(struct route_map_index *index, const char *match_name, RMAP_EVENT_CALL_ADDED); } - return 0; + return RMAP_COMPILE_SUCCESS; } /* Delete specified route match rule. */ @@ -1304,7 +1309,7 @@ int route_map_add_set(struct route_map_index *index, const char *set_name, route_map_notify_dependencies(index->map->name, RMAP_EVENT_CALL_ADDED); } - return 0; + return RMAP_COMPILE_SUCCESS; } /* Delete route map set rule. */ diff --git a/lib/routemap.h b/lib/routemap.h index 43af8dbcfe..b166de1e09 100644 --- a/lib/routemap.h +++ b/lib/routemap.h @@ -99,8 +99,10 @@ struct route_map_rule_cmd { /* Route map apply error. */ enum { + RMAP_COMPILE_SUCCESS, + /* Route map rule is missing. */ - RMAP_RULE_MISSING = 1, + RMAP_RULE_MISSING, /* Route map rule can't compile */ RMAP_COMPILE_ERROR diff --git a/ospf6d/ospf6_asbr.c b/ospf6d/ospf6_asbr.c index dd3630af16..de20fbc3ab 100644 --- a/ospf6d/ospf6_asbr.c +++ b/ospf6d/ospf6_asbr.c @@ -985,21 +985,20 @@ static struct route_map_rule_cmd ospf6_routemap_rule_set_tag_cmd = { static int route_map_command_status(struct vty *vty, int ret) { - if (!ret) - return CMD_SUCCESS; - switch (ret) { case RMAP_RULE_MISSING: vty_out(vty, "OSPF6 Can't find rule.\n"); + return CMD_WARNING_CONFIG_FAILED; break; case RMAP_COMPILE_ERROR: vty_out(vty, "OSPF6 Argument is malformed.\n"); + return CMD_WARNING_CONFIG_FAILED; break; - default: - vty_out(vty, "OSPF6 route-map add set failed.\n"); + case RMAP_COMPILE_SUCCESS: break; } - return CMD_WARNING_CONFIG_FAILED; + + return CMD_SUCCESS; } /* add "set metric-type" */ diff --git a/zebra/zebra_routemap.c b/zebra/zebra_routemap.c index c738cde0ac..0fa616bef9 100644 --- a/zebra/zebra_routemap.c +++ b/zebra/zebra_routemap.c @@ -62,23 +62,26 @@ static int zebra_route_match_add(struct vty *vty, const char *command, { VTY_DECLVAR_CONTEXT(route_map_index, index); int ret; + int retval = CMD_SUCCESS; ret = route_map_add_match(index, command, arg); - if (ret) { - switch (ret) { - case RMAP_RULE_MISSING: - vty_out(vty, "%% Zebra Can't find rule.\n"); - return CMD_WARNING_CONFIG_FAILED; - case RMAP_COMPILE_ERROR: - vty_out(vty, "%% Zebra Argument is malformed.\n"); - return CMD_WARNING_CONFIG_FAILED; + switch (ret) { + case RMAP_RULE_MISSING: + vty_out(vty, "%% Zebra Can't find rule.\n"); + retval = CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_ERROR: + vty_out(vty, "%% Zebra Argument is malformed.\n"); + retval = CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_SUCCESS: + if (type != RMAP_EVENT_MATCH_ADDED) { + route_map_upd8_dependency(type, arg, index->map->name); } + break; } - if (type != RMAP_EVENT_MATCH_ADDED) { - route_map_upd8_dependency(type, arg, index->map->name); - } - return CMD_SUCCESS; + return retval; } /* Delete zebra route map rule. */ @@ -87,6 +90,7 @@ static int zebra_route_match_delete(struct vty *vty, const char *command, { VTY_DECLVAR_CONTEXT(route_map_index, index); int ret; + int retval = CMD_SUCCESS; char *dep_name = NULL; const char *tmpstr; char *rmap_name = NULL; @@ -105,26 +109,27 @@ static int zebra_route_match_delete(struct vty *vty, const char *command, } ret = route_map_delete_match(index, command, arg); - if (ret) { - switch (ret) { - case RMAP_RULE_MISSING: - vty_out(vty, "%% Zebra Can't find rule.\n"); - return CMD_WARNING_CONFIG_FAILED; - case RMAP_COMPILE_ERROR: - vty_out(vty, "%% Zebra Argument is malformed.\n"); - return CMD_WARNING_CONFIG_FAILED; - } + switch (ret) { + case RMAP_RULE_MISSING: + vty_out(vty, "%% Zebra Can't find rule.\n"); + retval = CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_ERROR: + vty_out(vty, "%% Zebra Argument is malformed.\n"); + retval = CMD_WARNING_CONFIG_FAILED; + break; + case RMAP_COMPILE_SUCCESS: + if (type != RMAP_EVENT_MATCH_DELETED && dep_name) + route_map_upd8_dependency(type, dep_name, rmap_name); + break; } - if (type != RMAP_EVENT_MATCH_DELETED && dep_name) - route_map_upd8_dependency(type, dep_name, rmap_name); - if (dep_name) XFREE(MTYPE_ROUTE_MAP_RULE, dep_name); if (rmap_name) XFREE(MTYPE_ROUTE_MAP_NAME, rmap_name); - return CMD_SUCCESS; + return retval; } /* 'match tag TAG' From 1e9f448fe1b60e464d187c96092d2cf6201e64e1 Mon Sep 17 00:00:00 2001 From: Donald Sharp Date: Fri, 25 Aug 2017 08:07:58 -0400 Subject: [PATCH 6/6] zebra: Coverity Code Cleanup 1) Various socket close issues 2) Ensure afi passed is usable 3) Fix some reads beyond buffer and reads after free 4) Ensure some failure modes are handled properly 5) Memory Leak(s) fix 6) There is no 6. Signed-off-by: Donald Sharp --- zebra/redistribute.c | 6 ++++++ zebra/rtadv.c | 1 - zebra/zebra_ptm.c | 2 +- zebra/zebra_rib.c | 30 +++++++++++++++++------------- zebra/zebra_vrf.c | 4 ++++ zebra/zebra_vxlan.c | 10 ++++++---- zebra/zserv.c | 2 +- 7 files changed, 35 insertions(+), 20 deletions(-) diff --git a/zebra/redistribute.c b/zebra/redistribute.c index 9b21eb4d8c..6f08b5b5a0 100644 --- a/zebra/redistribute.c +++ b/zebra/redistribute.c @@ -52,6 +52,12 @@ static u_int32_t zebra_import_table_distance[AFI_MAX][ZEBRA_KERNEL_TABLE_MAX]; int is_zebra_import_table_enabled(afi_t afi, u_int32_t table_id) { + /* + * Make sure that what we are called with actualy makes sense + */ + if (afi == AFI_MAX) + return 0; + if (is_zebra_valid_kernel_table(table_id)) return zebra_import_table_used[afi][table_id]; return 0; diff --git a/zebra/rtadv.c b/zebra/rtadv.c index 295975c5ca..88836af72e 100644 --- a/zebra/rtadv.c +++ b/zebra/rtadv.c @@ -630,7 +630,6 @@ static int rtadv_make_socket(void) safe_strerror(errno)); if (sock < 0) { - close(sock); return -1; } diff --git a/zebra/zebra_ptm.c b/zebra/zebra_ptm.c index 1bf672d4a1..b18b3e7429 100644 --- a/zebra/zebra_ptm.c +++ b/zebra/zebra_ptm.c @@ -156,7 +156,7 @@ void zebra_ptm_finish(void) if (ptm_cb.wb) buffer_free(ptm_cb.wb); - if (ptm_cb.ptm_sock != -1) + if (ptm_cb.ptm_sock >= 0) close(ptm_cb.ptm_sock); } diff --git a/zebra/zebra_rib.c b/zebra/zebra_rib.c index dc61ea5e40..63ac06b160 100644 --- a/zebra/zebra_rib.c +++ b/zebra/zebra_rib.c @@ -2745,23 +2745,27 @@ unsigned long rib_score_proto(u_char proto, u_short instance) void rib_close_table(struct route_table *table) { struct route_node *rn; - rib_table_info_t *info = table->info; + rib_table_info_t *info; struct route_entry *re; - if (table) - for (rn = route_top(table); rn; rn = srcdest_route_next(rn)) - RNODE_FOREACH_RE(rn, re) - { - if (!CHECK_FLAG(re->status, - ROUTE_ENTRY_SELECTED_FIB)) - continue; + if (!table) + return; - if (info->safi == SAFI_UNICAST) - hook_call(rib_update, rn, NULL); + info = table->info; - if (!RIB_SYSTEM_ROUTE(re)) - rib_uninstall_kernel(rn, re); - } + for (rn = route_top(table); rn; rn = srcdest_route_next(rn)) + RNODE_FOREACH_RE(rn, re) + { + if (!CHECK_FLAG(re->status, + ROUTE_ENTRY_SELECTED_FIB)) + continue; + + if (info->safi == SAFI_UNICAST) + hook_call(rib_update, rn, NULL); + + if (!RIB_SYSTEM_ROUTE(re)) + rib_uninstall_kernel(rn, re); + } } /* Routing information base initialize. */ diff --git a/zebra/zebra_vrf.c b/zebra/zebra_vrf.c index 82c0524a8f..0a26ac6ad7 100644 --- a/zebra/zebra_vrf.c +++ b/zebra/zebra_vrf.c @@ -470,6 +470,10 @@ static int vrf_config_write(struct vty *vty) RB_FOREACH(vrf, vrf_name_head, &vrfs_by_name) { zvrf = vrf->info; + + if (!zvrf) + continue; + if (strcmp(zvrf_name(zvrf), VRF_DEFAULT_NAME)) { vty_out(vty, "vrf %s\n", zvrf_name(zvrf)); vty_out(vty, "!\n"); diff --git a/zebra/zebra_vxlan.c b/zebra/zebra_vxlan.c index b20ba7d9f5..ef24e533d0 100644 --- a/zebra/zebra_vxlan.c +++ b/zebra/zebra_vxlan.c @@ -1155,14 +1155,15 @@ static int zvni_neigh_uninstall(zebra_vni_t *zvni, zebra_neigh_t *n) if (!(n->flags & ZEBRA_NEIGH_REMOTE)) return 0; - zvrf = vrf_info_lookup(zvni->vxlan_if->vrf_id); - assert(zvrf); if (!zvni->vxlan_if) { zlog_err("VNI %u hash %p couldn't be uninstalled - no intf", zvni->vni, zvni); return -1; } + zvrf = vrf_info_lookup(zvni->vxlan_if->vrf_id); + assert(zvrf); + zif = zvni->vxlan_if->info; if (!zif) return -1; @@ -1361,7 +1362,7 @@ static int zvni_gw_macip_add(struct interface *ifp, zebra_vni_t *zvni, zlog_debug( "%u:SVI %s(%u) VNI %u, sending GW MAC %s IP %s add to BGP", ifp->vrf_id, ifp->name, ifp->ifindex, zvni->vni, - prefix_mac2str(macaddr, NULL, ETHER_ADDR_STRLEN), + prefix_mac2str(macaddr, buf, sizeof(buf)), ipaddr2str(ip, buf2, sizeof(buf2))); zvni_neigh_send_add_to_client(zvrf, zvni->vni, ip, macaddr, @@ -1420,7 +1421,8 @@ static int zvni_gw_macip_del(struct interface *ifp, zebra_vni_t *zvni, zvni_neigh_del(zvni, n); /* see if the mac needs to be deleted as well*/ - zvni_deref_ip2mac(zvni, mac, 0); + if (mac) + zvni_deref_ip2mac(zvni, mac, 0); return 0; } diff --git a/zebra/zserv.c b/zebra/zserv.c index 7899a8375c..98494cff07 100644 --- a/zebra/zserv.c +++ b/zebra/zserv.c @@ -1674,7 +1674,7 @@ static int zread_ipv6_delete(struct zserv *client, u_short length, api.safi = stream_getw(s); /* IPv4 prefix. */ - memset(&p, 0, sizeof(struct prefix_ipv6)); + memset(&p, 0, sizeof(struct prefix)); p.family = AF_INET6; p.prefixlen = stream_getc(s); stream_get(&p.u.prefix6, s, PSIZE(p.prefixlen));