proxmox-mirrors/mirror_frr
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_frr synced 2025-08-14 04:26:12 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
32,185 Commits 4 Branches 191 Tags 125 MiB
C 71.4%
Python 26.5%
Perl 0.6%
M4 0.6%
Shell 0.3%
Other 0.4%
902e2cc6af
Go to file
Donald Sharp 902e2cc6af ospf6d: Fix crash because neighbor structure was freed 
The loading_done event needs a event pointer to prevent
use after free's.  Testing found this:

    ERROR: AddressSanitizer: heap-use-after-free on address 0x613000035130 at pc 0x55ad42d54e5f bp 0x7ffff1e942a0 sp 0x7ffff1e94290
    READ of size 1 at 0x613000035130 thread T0
        #0 0x55ad42d54e5e in loading_done ospf6d/ospf6_neighbor.c:447
        #1 0x55ad42ed7be4 in event_call lib/event.c:1995
        #2 0x55ad42e1df75 in frr_run lib/libfrr.c:1213
        #3 0x55ad42cf332e in main ospf6d/ospf6_main.c:250
        #4 0x7f5798133c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
        #5 0x55ad42cf2b19 in _start (/usr/lib/frr/ospf6d+0x248b19)

    0x613000035130 is located 48 bytes inside of 384-byte region [0x613000035100,0x613000035280)
    freed by thread T0 here:
        #0 0x7f57998d77a8 in __interceptor_free (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xde7a8)
        #1 0x55ad42e3b4b6 in qfree lib/memory.c:130
        #2 0x55ad42d5d049 in ospf6_neighbor_delete ospf6d/ospf6_neighbor.c:180
        #3 0x55ad42d1e1ea in interface_down ospf6d/ospf6_interface.c:930
        #4 0x55ad42ed7be4 in event_call lib/event.c:1995
        #5 0x55ad42ed84fe in _event_execute lib/event.c:2086
        #6 0x55ad42d26d7b in ospf6_interface_clear ospf6d/ospf6_interface.c:2847
        #7 0x55ad42d73f16 in ospf6_process_reset ospf6d/ospf6_top.c:755
        #8 0x55ad42d7e98c in clear_router_ospf6_magic ospf6d/ospf6_top.c:778
        #9 0x55ad42d7e98c in clear_router_ospf6 ospf6d/ospf6_top_clippy.c:42
        #10 0x55ad42dc2665 in cmd_execute_command_real lib/command.c:994
        #11 0x55ad42dc2b32 in cmd_execute_command lib/command.c:1053
        #12 0x55ad42dc2fa9 in cmd_execute lib/command.c:1221
        #13 0x55ad42ee3cd6 in vty_command lib/vty.c:591
        #14 0x55ad42ee4170 in vty_execute lib/vty.c:1354
        #15 0x55ad42eec94f in vtysh_read lib/vty.c:2362
        #16 0x55ad42ed7be4 in event_call lib/event.c:1995
        #17 0x55ad42e1df75 in frr_run lib/libfrr.c:1213
        #18 0x55ad42cf332e in main ospf6d/ospf6_main.c:250
        #19 0x7f5798133c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

    previously allocated by thread T0 here:
        #0 0x7f57998d7d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
        #1 0x55ad42e3ab22 in qcalloc lib/memory.c:105
        #2 0x55ad42d5c8ff in ospf6_neighbor_create ospf6d/ospf6_neighbor.c:119
        #3 0x55ad42d4c86a in ospf6_hello_recv ospf6d/ospf6_message.c:464
        #4 0x55ad42d4c86a in ospf6_read_helper ospf6d/ospf6_message.c:1884
        #5 0x55ad42d4c86a in ospf6_receive ospf6d/ospf6_message.c:1925
        #6 0x55ad42ed7be4 in event_call lib/event.c:1995
        #7 0x55ad42e1df75 in frr_run lib/libfrr.c:1213
        #8 0x55ad42cf332e in main ospf6d/ospf6_main.c:250
        #9 0x7f5798133c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Add an actual event pointer and just track it appropriately.

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
(cherry picked from commit 77e838eb9a)
2023-07-03 06:22:31 +00:00
.github github: Add rebase label on PR if it's > 50 commits behind 2023-05-09 09:37:23 +03:00
alpine docker: Enable Lua (scripting) for Alpine images 2023-04-08 21:04:07 +03:00
babeld Merge pull request #13354 from zmw12306/parse_request_subtlv 2023-05-02 10:28:20 -04:00
bfdd bfdd: fix version bits check. 2023-06-11 11:17:31 +00:00
bgpd bgpd: Ensure peer data structure is accessed only when BGPD is not terminating 2023-06-28 12:20:48 +00:00
debian mgmtd: nb library for client front-end code 2023-03-21 22:08:32 -04:00
doc Merge pull request #13833 from FRRouting/mergify/bp/dev/9.0/pr-13809 2023-06-23 08:35:57 -05:00
docker Merge pull request #12797 from jvidalallende/ubi8_minimal_dockerfile 2023-04-12 05:47:38 +00:00
eigrpd eigrpd: dest_addr does not need to be set to NULL 2023-06-01 08:58:16 -04:00
fpm *: auto-convert to SPDX License IDs 2023-02-09 14:09:11 +01:00
gdb *: Rename thread.[ch] to event.[ch] 2023-03-24 08:32:16 -04:00
grpc *: manual SPDX License ID conversions 2023-02-09 14:09:07 +01:00
include Merge pull request #12780 from opensourcerouting/spdx-license-id 2023-02-17 09:43:05 -05:00
isisd isisd: Fix use beyond end of stream of ASLA Sub-TLV parsing 2023-06-20 13:20:13 +00:00
ldpd ldpd: changes for code maintainability 2023-06-06 00:58:49 +05:30
lib mgmtd: KISS the locking code 2023-06-25 04:46:54 -04:00
m4 build: fix sed regex in Lua macro 2022-12-08 12:39:17 +01:00
mgmtd mgmtd: fix memleak 2023-06-25 04:46:54 -04:00
mlag build: fix AM_LDFLAGS usage (and gcov) 2021-07-21 17:10:08 +02:00
nhrpd nhrpd: Fix nhrpd memory leak 2023-04-24 11:18:39 +04:00
ospf6d ospf6d: Fix crash because neighbor structure was freed 2023-07-03 06:22:31 +00:00
ospfclient *: Convert event.h to frrevent.h 2023-03-24 08:32:17 -04:00
ospfd ospfd: check for NULLs in vty code 2023-07-02 19:40:55 +00:00
pathd Merge pull request #12933 from Orange-OpenSource/link_state 2023-04-20 18:33:21 +02:00
pbrd pbrd: fix crash with match command 2023-06-29 19:56:31 +00:00
pceplib *: auto-convert to SPDX License IDs 2023-02-09 14:09:11 +01:00
pimd pimd: Fix memory leak in PIM interface deletion 2023-06-28 10:42:44 +00:00
pkgsrc mgmtd: Bringup MGMTD daemon and datastore module support 2023-03-21 22:08:32 -04:00
python mgmtd: fully implement debug flags for mgmtd and clients 2023-05-01 13:47:12 -04:00
qpb mgmtd: Bringup MGMTD daemon and datastore module support 2023-03-21 22:08:32 -04:00
redhat mgmtd: Bringup MGMTD daemon and datastore module support 2023-03-21 22:08:32 -04:00
ripd ripd: embed BFD YANG models 2023-05-25 13:47:54 +02:00
ripngd ripngd: Make sure we do not overuse higher values for ECMP count 2023-05-23 09:29:02 +03:00
sharpd Merge pull request #12933 from Orange-OpenSource/link_state 2023-04-20 18:33:21 +02:00
snapcraft snapcraft: Add pim6 daemon for PIM IPv6 to snap package 2022-11-19 12:52:36 +01:00
staticd staticd: remove unused YANG module 2023-06-26 04:56:01 +00:00
tests mgmtd: KISS the locking code 2023-06-25 04:46:54 -04:00
tools tools: fix list value remove in frr-reload 2023-06-07 06:23:53 +00:00
vrrpd lib: Remove getopt.c and getopt1.c 2023-03-28 10:07:38 -04:00
vtysh mgmtd: KISS the locking code 2023-06-25 04:46:54 -04:00
watchfrr *: Convert event.h to frrevent.h 2023-03-24 08:32:17 -04:00
yang ripng: Implement allow-ecmp X command 2023-05-23 09:29:01 +03:00
zebra zebra: fix evpn rmac nh list cmp function 2023-06-27 14:26:17 +00:00
.clang-format Revert "tools: config clang-format to allow aligned macros" 2023-05-15 15:32:48 +03:00
.dockerignore docker: Make docker image on CentOS 7 2019-11-26 19:29:30 +00:00
.flake8 style: add format checker config that matches FRR style standards 2023-04-18 05:18:26 -04:00
.git-blame-ignore-revs tools: Ignore mass renaming of topotests for git blame 2021-05-11 14:14:26 +03:00
.gitignore doc: configure: add configure option to generate .ccls file 2023-05-18 09:32:32 -04:00
.isort.cfg style: add format checker config that matches FRR style standards 2023-04-18 05:18:26 -04:00
.pylintrc style: add format checker config that matches FRR style standards 2023-04-18 05:18:26 -04:00
.travis.yml lib: libyang2 add missed conversion 2021-05-17 22:13:59 -04:00
bootstrap.sh build: turn on automake warnings (& symlinks) 2021-04-21 15:42:37 +02:00
buildtest.sh *: manual SPDX License ID conversions 2023-02-09 14:09:07 +01:00
config.version.in build: carry --with-pkg-extra-version into tarballs 2018-10-24 15:11:50 +02:00
configure.ac doc: configure: add configure option to generate .ccls file 2023-05-18 09:32:32 -04:00
COPYING *: sort out & explain licenses used in FRR 2023-02-09 12:46:13 +01:00
Makefile.am build: clean up mgmtd lib protobuf make syntax 2023-03-27 16:44:27 -04:00
README.md doc: Fix the link that points to Slack invitation in README 2022-03-24 13:13:37 +02:00
stamp-h.in Initial revision 2002-12-13 20:15:29 +00:00
version.h build: make builddir include path consistent 2021-04-21 15:42:33 +02:00

README.md

Icon

FRRouting

FRR is free software that implements and manages various IPv4 and IPv6 routing protocols. It runs on nearly all distributions of Linux and BSD and supports all modern CPU architectures.

FRR currently supports the following protocols:

  • BGP
  • OSPFv2
  • OSPFv3
  • RIPv1
  • RIPv2
  • RIPng
  • IS-IS
  • PIM-SM/MSDP
  • LDP
  • BFD
  • Babel
  • PBR
  • OpenFabric
  • VRRP
  • EIGRP (alpha)
  • NHRP (alpha)

Installation & Use

For source tarballs, see the releases page.

For Debian and its derivatives, use the APT repository at https://deb.frrouting.org/.

Instructions on building and installing from source for supported platforms may be found in the developer docs.

Once installed, please refer to the user guide for instructions on use.

Community

The FRRouting email list server is located here and offers the following public lists:

Topic List
Development dev@lists.frrouting.org
Users & Operators frog@lists.frrouting.org
Announcements announce@lists.frrouting.org

For chat, we currently use Slack. You can join by clicking the "Slack" link under the Participate section of our website.

Contributing

FRR maintains developer's documentation which contains the project workflow and expectations for contributors. Some technical documentation on project internals is also available.

We welcome and appreciate all contributions, no matter how small!

Security

To report security issues, please use our security mailing list:

security [at] lists.frrouting.org