bgpd: Fix crash reported by NetDEF CI
This patch is part of the previously submitted
patch set on VPN and Encap SAFIs. It fixes
an issue identified by NetDEF CI.
Ensure temp stack structures are initialized
Add protection against double frees / post
free access to bgp_attr_flush
Signed-off-by: Lou Berger <lberger@labn.net>
diff --git a/bgpd/bgp_attr.c b/bgpd/bgp_attr.c
index d74e0ef..f34e649 100644
--- a/bgpd/bgp_attr.c
+++ b/bgpd/bgp_attr.c
@@ -833,9 +833,15 @@
bgp_attr_flush (struct attr *attr)
{
if (attr->aspath && ! attr->aspath->refcnt)
- aspath_free (attr->aspath);
+ {
+ aspath_free (attr->aspath);
+ attr->aspath = NULL;
+ }
if (attr->community && ! attr->community->refcnt)
- community_free (attr->community);
+ {
+ community_free (attr->community);
+ attr->community = NULL;
+ }
if (attr->extra)
{
struct attr_extra *attre = attr->extra;
@@ -843,9 +849,15 @@
if (attre->ecommunity && ! attre->ecommunity->refcnt)
ecommunity_free (&attre->ecommunity);
if (attre->cluster && ! attre->cluster->refcnt)
- cluster_free (attre->cluster);
+ {
+ cluster_free (attre->cluster);
+ attre->cluster = NULL;
+ }
if (attre->transit && ! attre->transit->refcnt)
- transit_free (attre->transit);
+ {
+ transit_free (attre->transit);
+ attre->transit = NULL;
+ }
encap_free(attre->encap_subtlvs);
attre->encap_subtlvs = NULL;
}
diff --git a/bgpd/bgp_route.c b/bgpd/bgp_route.c
index 2728b10..c364372 100644
--- a/bgpd/bgp_route.c
+++ b/bgpd/bgp_route.c
@@ -2121,6 +2121,9 @@
const char *reason;
char buf[SU_ADDRSTRLEN];
+ memset (&new_attr, 0, sizeof(struct attr));
+ memset (&new_extra, 0, sizeof(struct attr_extra));
+
bgp = peer->bgp;
rn = bgp_afi_node_get (bgp->rib[afi][safi], afi, safi, p, prd);