proxmox-mirrors/mirror_frr
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_frr synced 2025-08-05 20:07:46 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
33,536 Commits 4 Branches 191 Tags 125 MiB
a0d12e43f2
Commit Graph

7212 Commits

Author SHA1 Message Date
Donatas Abraitis
6cca03a52e bgpd: Check mandatory attributes more carefully for UPDATE message 
If we send a crafted BGP UPDATE message without mandatory attributes, we do
not check if the length of the path attributes is zero or not. We only check
if attr->flag is at least set or not. Imagine we send only unknown transit
attribute, then attr->flag is always 0. Also, this is true only if graceful-restart
capability is received.

A crash:

```
bgpd[7834]: [TJ23Y-GY0RH] 127.0.0.1 Unknown attribute is received (type 31, length 16)
bgpd[7834]: [PCFFM-WMARW] 127.0.0.1(donatas-pc) rcvd UPDATE wlen 0 attrlen 20 alen 17
BGP[7834]: Received signal 11 at 1698089639 (si_addr 0x0, PC 0x55eefd375b4a); aborting...
BGP[7834]: /usr/local/lib/libfrr.so.0(zlog_backtrace_sigsafe+0x6d) [0x7f3205ca939d]
BGP[7834]: /usr/local/lib/libfrr.so.0(zlog_signal+0xf3) [0x7f3205ca9593]
BGP[7834]: /usr/local/lib/libfrr.so.0(+0xf5181) [0x7f3205cdd181]
BGP[7834]: /lib/x86_64-linux-gnu/libpthread.so.0(+0x12980) [0x7f3204ff3980]
BGP[7834]: /usr/lib/frr/bgpd(+0x18ab4a) [0x55eefd375b4a]
BGP[7834]: /usr/local/lib/libfrr.so.0(route_map_apply_ext+0x310) [0x7f3205cd1290]
BGP[7834]: /usr/lib/frr/bgpd(+0x163610) [0x55eefd34e610]
BGP[7834]: /usr/lib/frr/bgpd(bgp_update+0x9a5) [0x55eefd35c1d5]
BGP[7834]: /usr/lib/frr/bgpd(bgp_nlri_parse_ip+0xb7) [0x55eefd35e867]
BGP[7834]: /usr/lib/frr/bgpd(+0x1555e6) [0x55eefd3405e6]
BGP[7834]: /usr/lib/frr/bgpd(bgp_process_packet+0x747) [0x55eefd345597]
BGP[7834]: /usr/local/lib/libfrr.so.0(event_call+0x83) [0x7f3205cef4a3]
BGP[7834]: /usr/local/lib/libfrr.so.0(frr_run+0xc0) [0x7f3205ca10a0]
BGP[7834]: /usr/lib/frr/bgpd(main+0x409) [0x55eefd2dc979]
```

Sending:

```
import socket
import time

OPEN = (b"\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff"
b"\xff\xff\x00\x62\x01\x04\xfd\xea\x00\x5a\x0a\x00\x00\x01\x45\x02"
b"\x06\x01\x04\x00\x01\x00\x01\x02\x02\x02\x00\x02\x02\x46\x00\x02"
b"\x06\x41\x04\x00\x00\xfd\xea\x02\x02\x06\x00\x02\x06\x45\x04\x00"
b"\x01\x01\x03\x02\x0e\x49\x0c\x0a\x64\x6f\x6e\x61\x74\x61\x73\x2d"
b"\x70\x63\x00\x02\x04\x40\x02\x00\x78\x02\x09\x47\x07\x00\x01\x01"
b"\x80\x00\x00\x00")

KEEPALIVE = (b"\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff"
b"\xff\xff\xff\xff\xff\xff\x00\x13\x04")

UPDATE = bytearray.fromhex("ffffffffffffffffffffffffffffffff003c0200000014ff1f001000040146464646460004464646464646664646f50d05800100010200ffff000000")

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect(('127.0.0.2', 179))
s.send(OPEN)
data = s.recv(1024)
s.send(KEEPALIVE)
data = s.recv(1024)
s.send(UPDATE)
data = s.recv(1024)
time.sleep(1000)
s.close()
```

Reported-by: Iggy Frankovic <iggyfran@amazon.com>
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
(cherry picked from commit d8482bf011)
 2023-10-25 11:22:32 +00:00
Donatas Abraitis
8ec1d39b27 bgpd: Handle MP_REACH_NLRI malformed packets with session reset 
Avoid crashing bgpd.

```
(gdb)
bgp_mp_reach_parse (args=<optimized out>, mp_update=0x7fffffffe140) at bgpd/bgp_attr.c:2341
2341			stream_get(&attr->mp_nexthop_global, s, IPV6_MAX_BYTELEN);
(gdb)
stream_get (dst=0x7fffffffe1ac, s=0x7ffff0006e80, size=16) at lib/stream.c:320
320	{
(gdb)
321		STREAM_VERIFY_SANE(s);
(gdb)
323		if (STREAM_READABLE(s) < size) {
(gdb)
34	  return __builtin___memcpy_chk (__dest, __src, __len, __bos0 (__dest));
(gdb)

Thread 1 "bgpd" received signal SIGSEGV, Segmentation fault.
0x00005555556e37be in route_set_aspath_prepend (rule=0x555555aac0d0, prefix=0x7fffffffe050,
    object=0x7fffffffdb00) at bgpd/bgp_routemap.c:2282
2282		if (path->attr->aspath->refcnt)
(gdb)
```

With the configuration:

```
 neighbor 127.0.0.1 remote-as external
 neighbor 127.0.0.1 passive
 neighbor 127.0.0.1 ebgp-multihop
 neighbor 127.0.0.1 disable-connected-check
 neighbor 127.0.0.1 update-source 127.0.0.2
 neighbor 127.0.0.1 timers 3 90
 neighbor 127.0.0.1 timers connect 1
 address-family ipv4 unicast
  redistribute connected
  neighbor 127.0.0.1 default-originate
  neighbor 127.0.0.1 route-map RM_IN in
 exit-address-family
!
route-map RM_IN permit 10
 set as-path prepend 200
exit
```

Reported-by: Iggy Frankovic <iggyfran@amazon.com>
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
(cherry picked from commit b08afc81c6)
 2023-10-25 11:22:32 +00:00
Donatas Abraitis
fdf1cefb92 bgpd: Do not suppress conditional advertisement updates if triggered 
If we have a prefix-list with one entry, and after some time we append a prefix-list
with some more additional entries, conditional advertisement is triggered, and the
old entries are suppressed (because they look identical as sent before).

Hence, the old entries are sent as withdrawals and only new entries sent as updates.

Force re-sending all BGP updates for conditional advertisement. The same is done
for route-refresh, and/or soft clear operations.

Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
(cherry picked from commit 2d8e859585)
 2023-10-23 11:41:57 +00:00
ryndia
81884d4633 bgpd: Ecommunity_dup memory leak fix 
The shallow copy of attr wasn't freed when there was no valid label for the momentand the function return therefore creating leaks. The leak below are solved by flushing the shallow copy of attr.

Address Sanitizer Error detected in bgp_vpnv6_per_nexthop_label.test_bgp_vpnv6_per_nexthop_label/r1.asan.bgpd.13409
=================================================================
==13409==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 280 byte(s) in 7 object(s) allocated from:
    #0 0x7f62cd0c9d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    #1 0x7f62ccac21c3 in qcalloc lib/memory.c:105
    #2 0x5623b8810dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
    #3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    #4 0x5623b88c13b3 in vpn_leak_from_vrf_update_all bgpd/bgp_mplsvpn.c:2005
    #5 0x5623b89beabc in vpn_leak_postchange bgpd/bgp_mplsvpn.h:287
    #6 0x5623b89beabc in af_label_vpn_export_allocation_mode_magic bgpd/bgp_vty.c:9464
    #7 0x5623b89beabc in af_label_vpn_export_allocation_mode bgpd/bgp_vty_clippy.c:2809
    #8 0x7f62cca45511 in cmd_execute_command_real lib/command.c:978
    #9 0x7f62cca459d5 in cmd_execute_command lib/command.c:1036
    #10 0x7f62cca45e54 in cmd_execute lib/command.c:1203
    #11 0x7f62ccb6ee20 in vty_command lib/vty.c:591
    #12 0x7f62ccb6f2cb in vty_execute lib/vty.c:1354
    #13 0x7f62ccb77b95 in vtysh_read lib/vty.c:2362
    #14 0x7f62ccb62b8f in event_call lib/event.c:1969
    #15 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
    #16 0x5623b87e054b in main bgpd/bgp_main.c:510
    #17 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Direct leak of 280 byte(s) in 7 object(s) allocated from:
    #0 0x7f62cd0c9d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    #1 0x7f62ccac21c3 in qcalloc lib/memory.c:105
    #2 0x5623b8810dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
    #3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    #4 0x5623b892e86d in bgp_update bgpd/bgp_route.c:4969
    #5 0x5623b893134d in bgp_nlri_parse_ip bgpd/bgp_route.c:6213
    #6 0x5623b88e2a0e in bgp_nlri_parse bgpd/bgp_packet.c:341
    #7 0x5623b88e4f7c in bgp_update_receive bgpd/bgp_packet.c:2220
    #8 0x5623b88f0474 in bgp_process_packet bgpd/bgp_packet.c:3386
    #9 0x7f62ccb62b8f in event_call lib/event.c:1969
    #10 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
    #11 0x5623b87e054b in main bgpd/bgp_main.c:510
    #12 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Direct leak of 280 byte(s) in 7 object(s) allocated from:
    #0 0x7f62cd0c9d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    #1 0x7f62ccac21c3 in qcalloc lib/memory.c:105
    #2 0x5623b8810dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
    #3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    #4 0x5623b88c13b3 in vpn_leak_from_vrf_update_all bgpd/bgp_mplsvpn.c:2005
    #5 0x5623b89bdebb in vpn_leak_postchange bgpd/bgp_mplsvpn.h:287
    #6 0x5623b89bdebb in af_label_vpn_export_magic bgpd/bgp_vty.c:9547
    #7 0x5623b89bdebb in af_label_vpn_export bgpd/bgp_vty_clippy.c:2868
    #8 0x7f62cca45511 in cmd_execute_command_real lib/command.c:978
    #9 0x7f62cca459d5 in cmd_execute_command lib/command.c:1036
    #10 0x7f62cca45e54 in cmd_execute lib/command.c:1203
    #11 0x7f62ccb6ee20 in vty_command lib/vty.c:591
    #12 0x7f62ccb6f2cb in vty_execute lib/vty.c:1354
    #13 0x7f62ccb77b95 in vtysh_read lib/vty.c:2362
    #14 0x7f62ccb62b8f in event_call lib/event.c:1969
    #15 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
    #16 0x5623b87e054b in main bgpd/bgp_main.c:510
    #17 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Direct leak of 240 byte(s) in 6 object(s) allocated from:
    #0 0x7f62cd0c9d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    #1 0x7f62ccac21c3 in qcalloc lib/memory.c:105
    #2 0x5623b8810dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
    #3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    #4 0x5623b88dc289 in evaluate_paths bgpd/bgp_nht.c:1384
    #5 0x5623b88ddb0b in bgp_process_nexthop_update bgpd/bgp_nht.c:733
    #6 0x5623b88de027 in bgp_parse_nexthop_update bgpd/bgp_nht.c:934
    #7 0x5623b8a03163 in bgp_read_nexthop_update bgpd/bgp_zebra.c:104
    #8 0x7f62ccb92d8a in zclient_read lib/zclient.c:4425
    #9 0x7f62ccb62b8f in event_call lib/event.c:1969
    #10 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
    #11 0x5623b87e054b in main bgpd/bgp_main.c:510
    #12 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Direct leak of 120 byte(s) in 3 object(s) allocated from:
    #0 0x7f62cd0c9d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    #1 0x7f62ccac21c3 in qcalloc lib/memory.c:105
    #2 0x5623b8810dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
    #3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    #4 0x5623b893a406 in bgp_redistribute_add bgpd/bgp_route.c:8692
    #5 0x5623b8a02b3b in zebra_read_route bgpd/bgp_zebra.c:595
    #6 0x7f62ccb92d8a in zclient_read lib/zclient.c:4425
    #7 0x7f62ccb62b8f in event_call lib/event.c:1969
    #8 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
    #9 0x5623b87e054b in main bgpd/bgp_main.c:510
    #10 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Direct leak of 80 byte(s) in 2 object(s) allocated from:
    #0 0x7f62cd0c9d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    #1 0x7f62ccac21c3 in qcalloc lib/memory.c:105
    #2 0x5623b8810dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
    #3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    #4 0x5623b88dc188 in evaluate_paths bgpd/bgp_nht.c:1348
    #5 0x5623b88ddb0b in bgp_process_nexthop_update bgpd/bgp_nht.c:733
    #6 0x5623b88de027 in bgp_parse_nexthop_update bgpd/bgp_nht.c:934
    #7 0x5623b8a03163 in bgp_read_nexthop_update bgpd/bgp_zebra.c:104
    #8 0x7f62ccb92d8a in zclient_read lib/zclient.c:4425
    #9 0x7f62ccb62b8f in event_call lib/event.c:1969
    #10 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
    #11 0x5623b87e054b in main bgpd/bgp_main.c:510
    #12 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 56 byte(s) in 7 object(s) allocated from:
    #0 0x7f62cd0c9b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
    #1 0x7f62ccac1ee3 in qmalloc lib/memory.c:100
    #2 0x5623b8810eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
    #3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    #4 0x5623b88c13b3 in vpn_leak_from_vrf_update_all bgpd/bgp_mplsvpn.c:2005
    #5 0x5623b89beabc in vpn_leak_postchange bgpd/bgp_mplsvpn.h:287
    #6 0x5623b89beabc in af_label_vpn_export_allocation_mode_magic bgpd/bgp_vty.c:9464
    #7 0x5623b89beabc in af_label_vpn_export_allocation_mode bgpd/bgp_vty_clippy.c:2809
    #8 0x7f62cca45511 in cmd_execute_command_real lib/command.c:978
    #9 0x7f62cca459d5 in cmd_execute_command lib/command.c:1036
    #10 0x7f62cca45e54 in cmd_execute lib/command.c:1203
    #11 0x7f62ccb6ee20 in vty_command lib/vty.c:591
    #12 0x7f62ccb6f2cb in vty_execute lib/vty.c:1354
    #13 0x7f62ccb77b95 in vtysh_read lib/vty.c:2362
    #14 0x7f62ccb62b8f in event_call lib/event.c:1969
    #15 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
    #16 0x5623b87e054b in main bgpd/bgp_main.c:510
    #17 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 56 byte(s) in 7 object(s) allocated from:
    #0 0x7f62cd0c9b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
    #1 0x7f62ccac1ee3 in qmalloc lib/memory.c:100
    #2 0x5623b8810eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
    #3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    #4 0x5623b892e86d in bgp_update bgpd/bgp_route.c:4969
    #5 0x5623b893134d in bgp_nlri_parse_ip bgpd/bgp_route.c:6213
    #6 0x5623b88e2a0e in bgp_nlri_parse bgpd/bgp_packet.c:341
    #7 0x5623b88e4f7c in bgp_update_receive bgpd/bgp_packet.c:2220
    #8 0x5623b88f0474 in bgp_process_packet bgpd/bgp_packet.c:3386
    #9 0x7f62ccb62b8f in event_call lib/event.c:1969
    #10 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
    #11 0x5623b87e054b in main bgpd/bgp_main.c:510
    #12 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 56 byte(s) in 7 object(s) allocated from:
    #0 0x7f62cd0c9b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
    #1 0x7f62ccac1ee3 in qmalloc lib/memory.c:100
    #2 0x5623b8810eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
    #3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    #4 0x5623b88c13b3 in vpn_leak_from_vrf_update_all bgpd/bgp_mplsvpn.c:2005
    #5 0x5623b89bdebb in vpn_leak_postchange bgpd/bgp_mplsvpn.h:287
    #6 0x5623b89bdebb in af_label_vpn_export_magic bgpd/bgp_vty.c:9547
    #7 0x5623b89bdebb in af_label_vpn_export bgpd/bgp_vty_clippy.c:2868
    #8 0x7f62cca45511 in cmd_execute_command_real lib/command.c:978
    #9 0x7f62cca459d5 in cmd_execute_command lib/command.c:1036
    #10 0x7f62cca45e54 in cmd_execute lib/command.c:1203
    #11 0x7f62ccb6ee20 in vty_command lib/vty.c:591
    #12 0x7f62ccb6f2cb in vty_execute lib/vty.c:1354
    #13 0x7f62ccb77b95 in vtysh_read lib/vty.c:2362
    #14 0x7f62ccb62b8f in event_call lib/event.c:1969
    #15 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
    #16 0x5623b87e054b in main bgpd/bgp_main.c:510
    #17 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 48 byte(s) in 6 object(s) allocated from:
    #0 0x7f62cd0c9b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
    #1 0x7f62ccac1ee3 in qmalloc lib/memory.c:100
    #2 0x5623b8810eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
    #3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    #4 0x5623b88dc289 in evaluate_paths bgpd/bgp_nht.c:1384
    #5 0x5623b88ddb0b in bgp_process_nexthop_update bgpd/bgp_nht.c:733
    #6 0x5623b88de027 in bgp_parse_nexthop_update bgpd/bgp_nht.c:934
    #7 0x5623b8a03163 in bgp_read_nexthop_update bgpd/bgp_zebra.c:104
    #8 0x7f62ccb92d8a in zclient_read lib/zclient.c:4425
    #9 0x7f62ccb62b8f in event_call lib/event.c:1969
    #10 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
    #11 0x5623b87e054b in main bgpd/bgp_main.c:510
    #12 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 24 byte(s) in 3 object(s) allocated from:
    #0 0x7f62cd0c9b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
    #1 0x7f62ccac1ee3 in qmalloc lib/memory.c:100
    #2 0x5623b8810eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
    #3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    #4 0x5623b893a406 in bgp_redistribute_add bgpd/bgp_route.c:8692
    #5 0x5623b8a02b3b in zebra_read_route bgpd/bgp_zebra.c:595
    #6 0x7f62ccb92d8a in zclient_read lib/zclient.c:4425
    #7 0x7f62ccb62b8f in event_call lib/event.c:1969
    #8 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
    #9 0x5623b87e054b in main bgpd/bgp_main.c:510
    #10 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 16 byte(s) in 2 object(s) allocated from:
    #0 0x7f62cd0c9b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
    #1 0x7f62ccac1ee3 in qmalloc lib/memory.c:100
    #2 0x5623b8810eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
    #3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    #4 0x5623b88dc188 in evaluate_paths bgpd/bgp_nht.c:1348
    #5 0x5623b88ddb0b in bgp_process_nexthop_update bgpd/bgp_nht.c:733
    #6 0x5623b88de027 in bgp_parse_nexthop_update bgpd/bgp_nht.c:934
    #7 0x5623b8a03163 in bgp_read_nexthop_update bgpd/bgp_zebra.c:104
    #8 0x7f62ccb92d8a in zclient_read lib/zclient.c:4425
    #9 0x7f62ccb62b8f in event_call lib/event.c:1969
    #10 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
    #11 0x5623b87e054b in main bgpd/bgp_main.c:510
    #12 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

SUMMARY: AddressSanitizer: 1536 byte(s) leaked in 64 allocation(s).
***********************************************************************************

Address Sanitizer Error detected in bgp_vpnv4_per_nexthop_label.test_bgp_vpnv4_per_nexthop_label/r1.asan.bgpd.10610

=================================================================
==10610==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 280 byte(s) in 7 object(s) allocated from:
    #0 0x7f81fc562d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    #1 0x7f81fbf5b1c3 in qcalloc lib/memory.c:105
    #2 0x55cdc9b28dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
    #3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    #4 0x55cdc9c4686d in bgp_update bgpd/bgp_route.c:4969
    #5 0x55cdc9c4934d in bgp_nlri_parse_ip bgpd/bgp_route.c:6213
    #6 0x55cdc9bfaa0e in bgp_nlri_parse bgpd/bgp_packet.c:341
    #7 0x55cdc9bfcf7c in bgp_update_receive bgpd/bgp_packet.c:2220
    #8 0x55cdc9c08474 in bgp_process_packet bgpd/bgp_packet.c:3386
    #9 0x7f81fbffbb8f in event_call lib/event.c:1969
    #10 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
    #11 0x55cdc9af854b in main bgpd/bgp_main.c:510
    #12 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Direct leak of 280 byte(s) in 7 object(s) allocated from:
    #0 0x7f81fc562d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    #1 0x7f81fbf5b1c3 in qcalloc lib/memory.c:105
    #2 0x55cdc9b28dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
    #3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    #4 0x55cdc9bd93b3 in vpn_leak_from_vrf_update_all bgpd/bgp_mplsvpn.c:2005
    #5 0x55cdc9cd6abc in vpn_leak_postchange bgpd/bgp_mplsvpn.h:287
    #6 0x55cdc9cd6abc in af_label_vpn_export_allocation_mode_magic bgpd/bgp_vty.c:9464
    #7 0x55cdc9cd6abc in af_label_vpn_export_allocation_mode bgpd/bgp_vty_clippy.c:2809
    #8 0x7f81fbede511 in cmd_execute_command_real lib/command.c:978
    #9 0x7f81fbede9d5 in cmd_execute_command lib/command.c:1036
    #10 0x7f81fbedee54 in cmd_execute lib/command.c:1203
    #11 0x7f81fc007e20 in vty_command lib/vty.c:591
    #12 0x7f81fc0082cb in vty_execute lib/vty.c:1354
    #13 0x7f81fc010b95 in vtysh_read lib/vty.c:2362
    #14 0x7f81fbffbb8f in event_call lib/event.c:1969
    #15 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
    #16 0x55cdc9af854b in main bgpd/bgp_main.c:510
    #17 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Direct leak of 280 byte(s) in 7 object(s) allocated from:
    #0 0x7f81fc562d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    #1 0x7f81fbf5b1c3 in qcalloc lib/memory.c:105
    #2 0x55cdc9b28dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
    #3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    #4 0x55cdc9bd93b3 in vpn_leak_from_vrf_update_all bgpd/bgp_mplsvpn.c:2005
    #5 0x55cdc9cd5ebb in vpn_leak_postchange bgpd/bgp_mplsvpn.h:287
    #6 0x55cdc9cd5ebb in af_label_vpn_export_magic bgpd/bgp_vty.c:9547
    #7 0x55cdc9cd5ebb in af_label_vpn_export bgpd/bgp_vty_clippy.c:2868
    #8 0x7f81fbede511 in cmd_execute_command_real lib/command.c:978
    #9 0x7f81fbede9d5 in cmd_execute_command lib/command.c:1036
    #10 0x7f81fbedee54 in cmd_execute lib/command.c:1203
    #11 0x7f81fc007e20 in vty_command lib/vty.c:591
    #12 0x7f81fc0082cb in vty_execute lib/vty.c:1354
    #13 0x7f81fc010b95 in vtysh_read lib/vty.c:2362
    #14 0x7f81fbffbb8f in event_call lib/event.c:1969
    #15 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
    #16 0x55cdc9af854b in main bgpd/bgp_main.c:510
    #17 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Direct leak of 240 byte(s) in 6 object(s) allocated from:
    #0 0x7f81fc562d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    #1 0x7f81fbf5b1c3 in qcalloc lib/memory.c:105
    #2 0x55cdc9b28dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
    #3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    #4 0x55cdc9bf4289 in evaluate_paths bgpd/bgp_nht.c:1384
    #5 0x55cdc9bf5b0b in bgp_process_nexthop_update bgpd/bgp_nht.c:733
    #6 0x55cdc9bf6027 in bgp_parse_nexthop_update bgpd/bgp_nht.c:934
    #7 0x55cdc9d1b163 in bgp_read_nexthop_update bgpd/bgp_zebra.c:104
    #8 0x7f81fc02bd8a in zclient_read lib/zclient.c:4425
    #9 0x7f81fbffbb8f in event_call lib/event.c:1969
    #10 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
    #11 0x55cdc9af854b in main bgpd/bgp_main.c:510
    #12 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Direct leak of 80 byte(s) in 2 object(s) allocated from:
    #0 0x7f81fc562d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    #1 0x7f81fbf5b1c3 in qcalloc lib/memory.c:105
    #2 0x55cdc9b28dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
    #3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    #4 0x55cdc9bf4188 in evaluate_paths bgpd/bgp_nht.c:1348
    #5 0x55cdc9bf5b0b in bgp_process_nexthop_update bgpd/bgp_nht.c:733
    #6 0x55cdc9bf6027 in bgp_parse_nexthop_update bgpd/bgp_nht.c:934
    #7 0x55cdc9d1b163 in bgp_read_nexthop_update bgpd/bgp_zebra.c:104
    #8 0x7f81fc02bd8a in zclient_read lib/zclient.c:4425
    #9 0x7f81fbffbb8f in event_call lib/event.c:1969
    #10 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
    #11 0x55cdc9af854b in main bgpd/bgp_main.c:510
    #12 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Direct leak of 80 byte(s) in 2 object(s) allocated from:
    #0 0x7f81fc562d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    #1 0x7f81fbf5b1c3 in qcalloc lib/memory.c:105
    #2 0x55cdc9b28dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
    #3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    #4 0x55cdc9bd93b3 in vpn_leak_from_vrf_update_all bgpd/bgp_mplsvpn.c:2005
    #5 0x55cdc9bdafd5 in vpn_leak_postchange bgpd/bgp_mplsvpn.h:287
    #6 0x55cdc9bdafd5 in vpn_leak_label_callback bgpd/bgp_mplsvpn.c:581
    #7 0x55cdc9bb2606 in lp_cbq_docallback bgpd/bgp_labelpool.c:118
    #8 0x7f81fc0164b5 in work_queue_run lib/workqueue.c:266
    #9 0x7f81fbffbb8f in event_call lib/event.c:1969
    #10 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
    #11 0x55cdc9af854b in main bgpd/bgp_main.c:510
    #12 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Direct leak of 40 byte(s) in 1 object(s) allocated from:
    #0 0x7f81fc562d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    #1 0x7f81fbf5b1c3 in qcalloc lib/memory.c:105
    #2 0x55cdc9b28dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
    #3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    #4 0x55cdc9c52406 in bgp_redistribute_add bgpd/bgp_route.c:8692
    #5 0x55cdc9d1ab3b in zebra_read_route bgpd/bgp_zebra.c:595
    #6 0x7f81fc02bd8a in zclient_read lib/zclient.c:4425
    #7 0x7f81fbffbb8f in event_call lib/event.c:1969
    #8 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
    #9 0x55cdc9af854b in main bgpd/bgp_main.c:510
    #10 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 56 byte(s) in 7 object(s) allocated from:
    #0 0x7f81fc562b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
    #1 0x7f81fbf5aee3 in qmalloc lib/memory.c:100
    #2 0x55cdc9b28eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
    #3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    #4 0x55cdc9bd93b3 in vpn_leak_from_vrf_update_all bgpd/bgp_mplsvpn.c:2005
    #5 0x55cdc9cd6abc in vpn_leak_postchange bgpd/bgp_mplsvpn.h:287
    #6 0x55cdc9cd6abc in af_label_vpn_export_allocation_mode_magic bgpd/bgp_vty.c:9464
    #7 0x55cdc9cd6abc in af_label_vpn_export_allocation_mode bgpd/bgp_vty_clippy.c:2809
    #8 0x7f81fbede511 in cmd_execute_command_real lib/command.c:978
    #9 0x7f81fbede9d5 in cmd_execute_command lib/command.c:1036
    #10 0x7f81fbedee54 in cmd_execute lib/command.c:1203
    #11 0x7f81fc007e20 in vty_command lib/vty.c:591
    #12 0x7f81fc0082cb in vty_execute lib/vty.c:1354
    #13 0x7f81fc010b95 in vtysh_read lib/vty.c:2362
    #14 0x7f81fbffbb8f in event_call lib/event.c:1969
    #15 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
    #16 0x55cdc9af854b in main bgpd/bgp_main.c:510
    #17 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 56 byte(s) in 7 object(s) allocated from:
    #0 0x7f81fc562b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
    #1 0x7f81fbf5aee3 in qmalloc lib/memory.c:100
    #2 0x55cdc9b28eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
    #3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    #4 0x55cdc9bd93b3 in vpn_leak_from_vrf_update_all bgpd/bgp_mplsvpn.c:2005
    #5 0x55cdc9cd5ebb in vpn_leak_postchange bgpd/bgp_mplsvpn.h:287
    #6 0x55cdc9cd5ebb in af_label_vpn_export_magic bgpd/bgp_vty.c:9547
    #7 0x55cdc9cd5ebb in af_label_vpn_export bgpd/bgp_vty_clippy.c:2868
    #8 0x7f81fbede511 in cmd_execute_command_real lib/command.c:978
    #9 0x7f81fbede9d5 in cmd_execute_command lib/command.c:1036
    #10 0x7f81fbedee54 in cmd_execute lib/command.c:1203
    #11 0x7f81fc007e20 in vty_command lib/vty.c:591
    #12 0x7f81fc0082cb in vty_execute lib/vty.c:1354
    #13 0x7f81fc010b95 in vtysh_read lib/vty.c:2362
    #14 0x7f81fbffbb8f in event_call lib/event.c:1969
    #15 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
    #16 0x55cdc9af854b in main bgpd/bgp_main.c:510
    #17 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 56 byte(s) in 7 object(s) allocated from:
    #0 0x7f81fc562b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
    #1 0x7f81fbf5aee3 in qmalloc lib/memory.c:100
    #2 0x55cdc9b28eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
    #3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    #4 0x55cdc9c4686d in bgp_update bgpd/bgp_route.c:4969
    #5 0x55cdc9c4934d in bgp_nlri_parse_ip bgpd/bgp_route.c:6213
    #6 0x55cdc9bfaa0e in bgp_nlri_parse bgpd/bgp_packet.c:341
    #7 0x55cdc9bfcf7c in bgp_update_receive bgpd/bgp_packet.c:2220
    #8 0x55cdc9c08474 in bgp_process_packet bgpd/bgp_packet.c:3386
    #9 0x7f81fbffbb8f in event_call lib/event.c:1969
    #10 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
    #11 0x55cdc9af854b in main bgpd/bgp_main.c:510
    #12 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 48 byte(s) in 6 object(s) allocated from:
    #0 0x7f81fc562b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
    #1 0x7f81fbf5aee3 in qmalloc lib/memory.c:100
    #2 0x55cdc9b28eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
    #3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    #4 0x55cdc9bf4289 in evaluate_paths bgpd/bgp_nht.c:1384
    #5 0x55cdc9bf5b0b in bgp_process_nexthop_update bgpd/bgp_nht.c:733
    #6 0x55cdc9bf6027 in bgp_parse_nexthop_update bgpd/bgp_nht.c:934
    #7 0x55cdc9d1b163 in bgp_read_nexthop_update bgpd/bgp_zebra.c:104
    #8 0x7f81fc02bd8a in zclient_read lib/zclient.c:4425
    #9 0x7f81fbffbb8f in event_call lib/event.c:1969
    #10 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
    #11 0x55cdc9af854b in main bgpd/bgp_main.c:510
    #12 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 16 byte(s) in 2 object(s) allocated from:
    #0 0x7f81fc562b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
    #1 0x7f81fbf5aee3 in qmalloc lib/memory.c:100
    #2 0x55cdc9b28eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
    #3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    #4 0x55cdc9bf4188 in evaluate_paths bgpd/bgp_nht.c:1348
    #5 0x55cdc9bf5b0b in bgp_process_nexthop_update bgpd/bgp_nht.c:733
    #6 0x55cdc9bf6027 in bgp_parse_nexthop_update bgpd/bgp_nht.c:934
    #7 0x55cdc9d1b163 in bgp_read_nexthop_update bgpd/bgp_zebra.c:104
    #8 0x7f81fc02bd8a in zclient_read lib/zclient.c:4425
    #9 0x7f81fbffbb8f in event_call lib/event.c:1969
    #10 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
    #11 0x55cdc9af854b in main bgpd/bgp_main.c:510
    #12 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 16 byte(s) in 2 object(s) allocated from:
    #0 0x7f81fc562b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
    #1 0x7f81fbf5aee3 in qmalloc lib/memory.c:100
    #2 0x55cdc9b28eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
    #3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    #4 0x55cdc9bd93b3 in vpn_leak_from_vrf_update_all bgpd/bgp_mplsvpn.c:2005
    #5 0x55cdc9bdafd5 in vpn_leak_postchange bgpd/bgp_mplsvpn.h:287
    #6 0x55cdc9bdafd5 in vpn_leak_label_callback bgpd/bgp_mplsvpn.c:581
    #7 0x55cdc9bb2606 in lp_cbq_docallback bgpd/bgp_labelpool.c:118
    #8 0x7f81fc0164b5 in work_queue_run lib/workqueue.c:266
    #9 0x7f81fbffbb8f in event_call lib/event.c:1969
    #10 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
    #11 0x55cdc9af854b in main bgpd/bgp_main.c:510
    #12 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 8 byte(s) in 1 object(s) allocated from:
    #0 0x7f81fc562b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
    #1 0x7f81fbf5aee3 in qmalloc lib/memory.c:100
    #2 0x55cdc9b28eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
    #3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    #4 0x55cdc9c52406 in bgp_redistribute_add bgpd/bgp_route.c:8692
    #5 0x55cdc9d1ab3b in zebra_read_route bgpd/bgp_zebra.c:595
    #6 0x7f81fc02bd8a in zclient_read lib/zclient.c:4425
    #7 0x7f81fbffbb8f in event_call lib/event.c:1969
    #8 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
    #9 0x55cdc9af854b in main bgpd/bgp_main.c:510
    #10 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

SUMMARY: AddressSanitizer: 1536 byte(s) leaked in 64 allocation(s).
***********************************************************************************

Signed-off-by: ryndia <dindyalsarvesh@gmail.com>
(cherry picked from commit 78b6cadc16)
 2023-10-13 15:48:26 +00:00
Donald Sharp
0c91f45d96 Revert "lib: register bgp link-state afi/safi" 
This reverts commit 1642a68d60.

(cherry picked from commit 0dc12c9003)
 2023-10-11 05:02:54 +00:00
Donald Sharp
9b3be70d9e Revert "bgpd: add bgp link-state address-family configuration context" 
This reverts commit ae2f3bb5b4.

(cherry picked from commit ddd96b51b0)
 2023-10-11 05:02:53 +00:00
Donald Sharp
f98f17d83a Revert "bgpd: accept bgp link-state capability" 
This reverts commit 67fe40676e.

(cherry picked from commit a4fcdc4e48)
 2023-10-11 05:02:53 +00:00
Donald Sharp
9b9d1809cc Revert "bgpd: store bgp link-state prefixes" 
This reverts commit 39a8d354c1.

(cherry picked from commit 59c3a49166)
 2023-10-11 05:02:52 +00:00
Donald Sharp
f5132b151d Revert "bgpd: send bgp link-state prefixes" 
This reverts commit 0c94fb9cc8.

(cherry picked from commit f75d9050fc)
 2023-10-11 05:02:52 +00:00
Donald Sharp
d636ba86c0 Revert "bgpd, lib: extend the size of the prefix string buffer" 
This reverts commit bdb3fa3b92.

(cherry picked from commit 8b3e765d19)
 2023-10-11 05:02:52 +00:00
Donald Sharp
5bb55d29f5 Revert "bgpd: do not display vty output headers for link-state prefixes" 
This reverts commit 3098772467.

(cherry picked from commit 85a63731dc)
 2023-10-11 05:02:52 +00:00
Donald Sharp
35b55e6fc2 Revert "bgpd: display link-state prefixes detail" 
This reverts commit 7e0d9ff8ba.

(cherry picked from commit 8a6b65f7fd)
 2023-10-11 05:02:51 +00:00
Donald Sharp
22f952a7f5 Revert "bgpd: do not announce link-state routes to zebra" 
This reverts commit 39fb34275f.

(cherry picked from commit 4ab7fa86b0)
 2023-10-11 05:02:51 +00:00
Donald Sharp
cb7df45e6a Revert "bgpd: add bgp default link-state command" 
This reverts commit 38a7e20fc9.

(cherry picked from commit 7679d6056b)
 2023-10-11 05:02:51 +00:00
Donald Sharp
8e063b9c05 Revert "bgpd: add show bgp link-state link-state commands" 
This reverts commit f11f67033f.

(cherry picked from commit d3261fd83f)
 2023-10-11 05:02:50 +00:00
Donald Sharp
ca8af99dbb Revert "bgpd: add linkstate debug" 
This reverts commit de38eada9c.

(cherry picked from commit 68bae36376)
 2023-10-11 05:02:50 +00:00
Donald Sharp
e3f8e7d798 Revert "bgpd: store and send bgp link-state attributes" 
This reverts commit 8b531b1107.

(cherry picked from commit 166e52d6a3)
 2023-10-11 05:02:49 +00:00
Donald Sharp
a6f5a7aeef Revert "bgpd: do not check attr in bgp_packet_attribute" 
This reverts commit eb9e286511.

(cherry picked from commit e7c0191e82)
 2023-10-11 05:02:49 +00:00
Donald Sharp
609ee2bd4b Revert "bgpd: fix illegal memory access in bgp_ls_tlv_check_size()" 
This reverts commit dae5791c44.

(cherry picked from commit 73a4891ab3)
 2023-10-11 05:02:49 +00:00
Donald Sharp
0f02b85a18 Revert "bgpd: fix link_state_hash_cmp()" 
This reverts commit 25408c8dbf.

(cherry picked from commit 2263d11630)
 2023-10-11 05:02:48 +00:00
Donald Sharp
8ed3bbd19d Revert "bgpd: fix insecure data write with ip addresses" 
This reverts commit 54222f9213.

(cherry picked from commit 298d534013)
 2023-10-11 05:02:48 +00:00
Donald Sharp
83d4391f7b Revert "bgpd: fix insecure data write with area addresses" 
This reverts commit 57d0dc565f.

(cherry picked from commit c0d3acb0a0)
 2023-10-11 05:02:48 +00:00
Donald Sharp
82a5f9ee3f Revert "bgpd: fix printing link state ospf opaque data" 
This reverts commit e1333d12e0.

(cherry picked from commit 28dab73877)
 2023-10-11 05:02:47 +00:00
Russ White
03d1b44c9b
Merge pull request #14535 from opensourcerouting/fix/bgp_aggregate_stuff 
bgpd: Drop redundant assignment for aspath segment type and length
 2023-10-10 11:36:34 -04:00
Rafael Zalamena
4a60045688
Merge pull request #10733 from anlancs/zebra-remove-update 
zebra: remove ZEBRA_INTERFACE_VRF_UPDATE
 2023-10-08 10:52:54 -03:00
anlan_cs
b580c52698 *: remove ZEBRA_INTERFACE_VRF_UPDATE 
Currently when one interface changes its VRF, zebra will send these messages to
all daemons in *order*:
    1) `ZEBRA_INTERFACE_DELETE` ( notify them delete from old VRF )
    2) `ZEBRA_INTERFACE_VRF_UPDATE` ( notify them move from old to new VRF )
    3) `ZEBRA_INTERFACE_ADD` ( notify them added into new VRF )

When daemons deal with `VRF_UPDATE`, they use
`zebra_interface_vrf_update_read()->if_lookup_by_name()`
to check the interface exist or not in old VRF. This check will always return
*NULL* because `DELETE` ( deleted from old VRF ) is already done, so can't
find this interface in old VRF.

Send `VRF_UPDATE` is redundant and unuseful. `DELETE` and `ADD` are enough,
they will deal with RB tree, so don't send this `VRF_UPDATE` message when
vrf changes.

Since all daemons have good mechanism to deal with changing vrf, and don't
use this `VRF_UPDATE` mechanism.  So, it is safe to completely remove
all the code with `VRF_UPDATE`.

Signed-off-by: anlan_cs <anlan_cs@tom.com>
 2023-10-07 10:06:39 +08:00
Donatas Abraitis
fc9a8da45e bgpd: Drop redundant assignment for aspath segment type and length 
They are already initialized via assegment_new().

Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
 2023-10-05 22:46:54 +03:00
Donatas Abraitis
90aa39ecef bgpd: Add guards for zlog_debug when setting GTSM for the peer 
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
 2023-10-03 17:46:24 +03:00
Russ White
373d46d0f7
Merge pull request #14511 from opensourcerouting/fix/bgpd_software_version_capability 
bgpd: Validate maximum length of software version when handling via dynamic caps
 2023-10-03 10:36:21 -04:00
Philippe Guibert
aa511000e0 bgpd: add 'match community-list any' function 
There is no match mechanism to match one community from the
incoming community-list. Add the 'any' keyword to the 'match
route-map' command of communit-list and large-community-list.

> match community-list AAA any
> match large-community-list AAA any

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
 2023-10-02 15:24:18 +02:00
Donatas Abraitis
5e8a8d0ed6 bgpd: Validate maximum length of software version when handling via dynamic caps 
We should not allow exceeding the stream's length, and also software version
can't be larger than 64 bytes.

Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
 2023-09-29 12:13:43 +03:00
Donatas Abraitis
02d8b80ce4 *: Do not cast to the same type as the destination is 
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
 2023-09-29 10:24:16 +03:00
Donatas Abraitis
b9cbecbd16
Merge pull request #14506 from louis-6wind/fix-bgp-link-state 
bgpd: fix link state coverity scan issues
 2023-09-29 08:29:31 +03:00
Donald Sharp
1001a578ea
Merge pull request #14483 from opensourcerouting/fix/ignore_setting_ttl_for_negative_socket 
bgpd: Set the TTL for the correct socket
 2023-09-28 15:37:33 -04:00
Louis Scalbert
e1333d12e0 bgpd: fix printing link state ospf opaque data 
Fix printing link state ospf opaque data. pnt address was not moving
in the loop.

Fixes: 8b531b1107 ("bgpd: store and send bgp link-state attributes")
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
 2023-09-28 18:59:34 +02:00
Louis Scalbert
57d0dc565f bgpd: fix insecure data write with area addresses 
Fix an issue where an attacker may inject a tainted length value to
corrupt the memory.

> CID 1568380 (#1 of 1): Untrusted value as argument (TAINTED_SCALAR)
> 9. tainted_data: Passing tainted expression length to bgp_linkstate_nlri_value_display, which uses it as an offset

Fixes: 8b531b1107 ("bgpd: store and send bgp link-state attributes")  Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
 2023-09-28 17:51:26 +02:00
Louis Scalbert
54222f9213 bgpd: fix insecure data write with ip addresses 
Fix issues where an attacker may inject a tainted length value to
corrupt the memory.

> CID 1568378 (#1-6 of 6): Untrusted value as argument (TAINTED_SCALAR)
> 16. tainted_data: Passing tainted expression length to bgp_linkstate_tlv_attribute_value_display, which uses it as an offset. [show details]

Fixes: 7e0d9ff8ba ("bgpd: display link-state prefixes detail")
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
 2023-09-28 17:51:23 +02:00
Louis Scalbert
25408c8dbf bgpd: fix link_state_hash_cmp() 
Fix comparaison of link state attributes pointers in
link_state_hash_cmp().

> CID 1568379 (#1 of 1): Logically dead code (DEADCODE)
> dead_error_line: Execution cannot reach this statement: return false;.

Fixes: 8b531b1107 ("bgpd: store and send bgp link-state attributes")
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
 2023-09-28 15:33:58 +02:00
Louis Scalbert
dae5791c44 bgpd: fix illegal memory access in bgp_ls_tlv_check_size() 
Fix illegal memory access bgp_ls_tlv_check_size() if type is 1253.

> CID 1568377 (#4 of 4): Out-of-bounds read (OVERRUN)
> 5. overrun-local: Overrunning array bgp_linkstate_tlv_infos of 1253 16-byte elements at element index 1253 (byte offset 20063) using index type (which evaluates to 1253).

Fixes: 7e0d9ff8ba ("bgpd: display link-state prefixes detail")
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
 2023-09-28 15:27:27 +02:00
Louis Scalbert
eb9e286511 bgpd: do not check attr in bgp_packet_attribute 
Fix the following coverity issue. attr cannot be NULL.

> CID 1568376 (#1 of 1): Dereference before null check (REVERSE_INULL)
> check_after_deref: Null-checking attr suggests that it may be null, but it has already been dereferenced on all paths leading to the check.

Fixes: 8b531b1107 ("bgpd: store and send bgp link-state attributes")
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
 2023-09-28 15:08:23 +02:00
Donald Sharp
60c38a99ac
Merge pull request #14342 from fdumontet6WIND/fix_crash_snmp 
bgpd: fix crash in *bgpv2PeerErrorsTable"
 2023-09-27 15:25:38 -04:00
Russ White
8e755a03a3
Merge pull request #12649 from louis-6wind/bgp-link-state 
bgpd: add basic support of BGP Link-State RFC7752
 2023-09-26 10:07:02 -04:00
Donatas Abraitis
2853f14d05 bgpd: Set the TTL for the correct socket 
When we accept a connection, we try to set TTL for the socket, but the socket
is not yet created/assigned and we are trying to set it on the wrong socket fd.

```
[Event] connection from 127.0.0.1 fd 25, active peer status 3 fd -1
can't set sockopt IP_TTL 255 to socket -1
bgp_set_socket_ttl: Can't set TxTTL on peer (rtrid 0.0.0.0) socket, err = 9
Unable to set min/max TTL on peer 127.0.0.1, Continuing
```

Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
 2023-09-25 22:25:32 +03:00
Donatas Abraitis
a2a9733fec
Merge pull request #14468 from donaldsharp/bgp_send_ordering 
bgpd: Ensure send order is 100% consistent
 2023-09-24 16:48:44 +03:00
Donald Sharp
e0b37a21be
Merge pull request #14475 from opensourcerouting/fix/unset_per_afi_stuff_when_dynamic_UNSET_received 
Clear per afi/safi stuff for GR/LLGR when dynamic capability with UNSET action received
 2023-09-23 09:51:47 -04:00
Donald Sharp
7d12e26121
Merge pull request #14464 from opensourcerouting/fix/dampening_crash 
bgpd: Fix dampening info crash
 2023-09-23 09:51:01 -04:00
Donatas Abraitis
61bd60b984 bgpd: Flush per AFI/SAFI capabilities flags, stale_time for LLGR cap 
Clear to defaults if receiving dynamic capability with UNSET action.

Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
 2023-09-22 20:50:07 +03:00
Donatas Abraitis
f793136d18 bgpd: Clear graceful-restart per AFI/SAFI capability flags when receiving unset 
We flushed the main capability received flag, but missed flushing per AFI/SAFI.

Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
 2023-09-22 20:50:06 +03:00
Donald Sharp
f327f2e8ae
Merge pull request #14463 from mjstapp/fix_bgp_ctime_r 
bgpd: fix return of local from ctime_r
 2023-09-22 09:47:33 -04:00
Donatas Abraitis
e0a8795484 bgpd: Use proper AFI when dumping information for dampening stuff 
Before we called IPv4 for IPv6 dampening info.

Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
 2023-09-22 12:04:17 +03:00