ripd: ensure simple-auth value is NULL-terminatedEnsure the simple-auth string is in a NULL-terminated
buffer before printing it with '%s'.
Signed-off-by: Mark Stapp <mjs@cisco.com>
ripd: use rn->info properly in process_response()route_node->info is a list, not a single object; use it
correctly, and avoid NULL-deref potential.
Signed-off-by: Mark Stapp <mjs@cisco.com>
bgpd: Do not process route-refresh for AFI/SAFI if it's not negotiatedWe shouldn't allow processing AFI/SAFI received in route-refresh message if we
don't have this AFI/SAFI enabled for this peer.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
tests: Verify neighbor addr Sub-TLVs after link-params resetAdd test_step11() to the isis_te_topo1 topotest suite to verify
that the IPv4 and IPv6 Neighbor Address Sub-TLVs in the Extended IS
Reachability TLV are correctly restored after link-params changes.
The test removes link-params from r1-eth0 and then re-adds them,
and checks that the neighbor address Sub-TLVs are still present in
the TED on all routers after the reconfiguration.
Signed-off-by:...
isisd: Fix missing neighbor address Sub-TLVs after link-params changeWhen link-params are removed from an interface, Zebra notifies IS-IS via
the zebra_if_update_link_params hook, triggering isis_mpls_te_update().
That function calls isis_link_params_update(), which resets ext->status
to keep only SR-related Sub-TLV flags — clearing EXT_NEIGH_ADDR and
EXT_NEIGH_ADDR6, which control advertisement of the IPv4 and IPv6
Neighbor Address Sub-TLVs, so those Sub-TLVs d...
bgpd: include length in cluster_hash_cmp()For robustness, the lengths should be compared even when the
pointers are equal.
Signed-off-by: Enke Chen <enchen@paloaltonetworks.com>
bgpd: add config "nexthop prefer-global" for ipv6 address familyThis command is similar to "set ipv6 next-hop prefer-global" in a
route-map, but it's global and is applied to the ipv6 routes from
all neighbors.
BGP may receive a link-local ipv6 address, and a global IPv6 address
as the nexthops from a directly connected peer. The default in FRR
is to use the link-local address. This config would override the
default and use the global ipv6 address instead...
bgpd: fix BGP_ATTR_NEXT_HOP flag handling in bgp_attr_default_set()bgp_attr_default_set() unconditionally set the BGP_ATTR_NEXT_HOP flag
on every call, even though attr.nexthop (the IPv4 address field) is
all-zeros and not yet assigned. This flag is used by
BGP_ATTR_NEXTHOP_AFI_IP6 to distinguish IPv4 vs IPv6 nexthops, so
having it always set caused non-IPv4 routes to be misidentified.
Callers were working around this by manually calling UNSET_FLAG for
non-IPv...
tests: bgp_suppress_duplicates: simplify and split into four testsConvert the iBGP session between r1 and r2 to eBGP. This eliminates
rmap-to-r2 (which existed solely to normalize local-pref to 100 at
r2), next-hop-self, and the now-empty address-family block on r2.
Since local-pref is not carried over eBGP, drop the local_pref
parameter from _bgp_check_route_attributes().
Add a step to wait for the initial route to appear at r2 before
recording the baseline...
bgpd: Fix route-map cleanup ordering in SRv6 unicast SID exportWhen removing SRv6 unicast SID export config, route-map cleanup frees
rmap_name before looking up the route-map and decrementing its counter.
Reorder cleanup to first call route_map_lookup_by_name() and
route_map_counter_decrement(), then free rmap_name.
Apply the same ordering fix in the SRv6 unicast delete path for
consistency.
Signed-off-by: Carmine Scarpitta <cscarpit@cisco.com>
bgpd: fix NHT for explicit link-local BGP peersWhen a BGP peer is configured with an explicit IPv6 link-local
address (neighbor fe80::1 interface swp1), the NHT peer-tracking
code skipped deriving the ifindex from the kernel-provided
scope_id because peer->conf_if is NULL for this configuration
style. This caused peer-tracking to create a BNC keyed with
ifindex 0 while path-tracking created a separate BNC keyed with
the real ifindex from s...
isisd: add unit test for remove_excess_adjs() memory leak fixAdd a test that verifies remove_excess_adjs() properly frees the
isis_vertex_adj it removes from the list. The test uses FRR's
per-MTYPE allocation counter (n_alloc) to assert that:
- After remove_excess_adjs(): exactly one MTYPE_ISIS_VERTEX_ADJ
allocation is freed (not just unlinked)
- After full list cleanup: all allocations return to baseline
Without the fix in the preceding commit, the ...
isisd: fix memory leak in remove_excess_adjs()When the number of adjacencies for a vertex exceeds
ISIS_MAX_PATH_SPLITS, remove_excess_adjs() calls list_delete_node()
which frees the listnode but does NOT free the isis_vertex_adj data
payload. This leaks one MTYPE_ISIS_VERTEX_ADJ allocation per call.
In large-scale deployments, each SPF run triggers this path
accumulating leaked memory.
Valgrind trace:
definitely lost: 3,332,608 bytes i...
bfdd: cap IPv6 echo reflection to declared lengthValidate IPv6 echo payload length and reflect only bep->len
bytes instead of raw receive length to avoid oversized
reflection payloads.
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
bfdd: account for FP offset in echo length checksValidate echo packet length using bfd_offset + sizeof(*bep) so
forwarding-plane packets are not parsed past received data.
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
bfdd: fix recv errno filter logic in a few placesUse logical AND when filtering EAGAIN/EWOULDBLOCK/EINTR in
bfd_recv_ipv4_fp(), bfd_recv_ipv4(), and bfd_recv_ipv6() so
only real socket errors are logged.
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
bfdd: gate IPv6 echo reflection on known sessionsOnly reflect IPv6 echo packets when the source/local tuple maps to
an existing BFD session, preventing unauthenticated reflection of
arbitrary on-link packets.
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
bfdd: validate control packet length before session lookupCheck recv length before casting/parsing the control packet so short
or error reads cannot drive discriminator/session lookup with
uninitialized data. Keep debug visibility for short and non-positive
reads while dropping early.
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
ci: skip github ci for mergify PRsSkip this workflow when the PR actor is mergify[bot] to reduce load.
We still run NeDEF CI, so if there are issues they would still be
caught.
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
Donatas Abraitis
Mark Stapp
Carmine Scarpitta
Enke Chen
Soumya Roy
Jafar Al-Gharaibeh
Quentin Baradat