proxmox-mirrors/mirror_frr
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_frr synced 2025-08-14 16:04:49 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

zebra: add validate function for zapi_labels message

Browse Source 
Add a simple validation function for zapi_labels messages; it
checks for and validates backup nexthop indexes currently.

Signed-off-by: Mark Stapp <mjs@voltanet.io>
This commit is contained in:
Mark Stapp 2020-07-20 17:19:31 -04:00
parent 8b117ff02b
commit ff8d3c2dd4
1 changed files with 58 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
zebra/zapi_msg.c
View File

@ -2000,6 +2000,56 @@ static void zread_vrf_unregister(ZAPI_HANDLER_ARGS)
vrf_bitmap_unset(client->ridinfo, zvrf_id(zvrf)); vrf_bitmap_unset(client->ridinfo, zvrf_id(zvrf));
} }
/*
* Validate incoming zapi mpls lsp / labels message
*/
static int zapi_labels_validate(const struct zapi_labels *zl)
{
int ret = -1;
int i, j, idx;
uint32_t bits[8];
uint32_t ival;
const struct zapi_nexthop *znh;
/* Validate backup info: no duplicates for a single primary */
if (zl->backup_nexthop_num == 0) {
ret = 0;
goto done;
}
for (j = 0; j < zl->nexthop_num; j++) {
znh = &zl->nexthops[j];
memset(bits, 0, sizeof(bits));
for (i = 0; i < znh->backup_num; i++) {
idx = znh->backup_idx[i] / 32;
ival = 1 << znh->backup_idx[i] % 32;
/* Check whether value is already used */
if (ival & bits[idx]) {
/* Fail */
if (IS_ZEBRA_DEBUG_RECV)
zlog_debug("%s: invalid zapi mpls message: duplicate backup nexthop index %d",
__func__,
znh->backup_idx[i]);
goto done;
}
/* Mark index value */
bits[idx] |= ival;
}
}
ret = 0;
done:
return ret;
}
/* /*
* Handle request to create an MPLS LSP. * Handle request to create an MPLS LSP.
* *
@ -2026,6 +2076,10 @@ static void zread_mpls_labels_add(ZAPI_HANDLER_ARGS)
if (!mpls_enabled) if (!mpls_enabled)
return; return;
/* Validate; will debug on failure */
if (zapi_labels_validate(&zl) < 0)
return;
ret = mpls_zapi_labels_process(true, zvrf, &zl); ret = mpls_zapi_labels_process(true, zvrf, &zl);
if (ret < 0) { if (ret < 0) {
if (IS_ZEBRA_DEBUG_RECV) if (IS_ZEBRA_DEBUG_RECV)
@ -2107,6 +2161,10 @@ static void zread_mpls_labels_replace(ZAPI_HANDLER_ARGS)
if (!mpls_enabled) if (!mpls_enabled)
return; return;
/* Validate; will debug on failure */
if (zapi_labels_validate(&zl) < 0)
return;
/* This removes everything, then re-adds from the client's /* This removes everything, then re-adds from the client's
* zapi message. Since the LSP will be processed later, on this * zapi message. Since the LSP will be processed later, on this
* this same pthread, all of the changes will 'appear' at once. * this same pthread, all of the changes will 'appear' at once.