lib, zebra: bound SRv6 locator name length in ZAPIzread_srv6_manager_get_srv6_sid() and zread_srv6_manager_get_locator()
read a uint16_t length from the ZAPI stream and pass it directly to
STREAM_GET() to copy into a 256-byte stack buffer (SRV6_LOCNAME_SIZE),
without bounding the length first. STREAM_GET() only validates the
source side of the read; the destination is a raw memcpy. A malformed
ZAPI message with len >= SRV6_LOCNAME_SIZE writes ...
tests: fix one more format warningTests weren't using the frr-format plugin before. One more warning to
address.
Signed-off-by: David 'equinox' Lamparter <equinox@opensourcerouting.org>
bgpd: clang-format for previous commitLeft separate because that makes the previous commit easier to read.
Signed-off-by: David 'equinox' Lamparter <equinox@opensourcerouting.org>
bgpd: use snprintfrr in bgp debug & flowspecsnprintfrr has better error checking with the frr-format plugin (cf.
previous commit), and is slightly more secure due to not supporting
`%n`. (The latter makes no difference here, the sentiment is still
valid.)
Also, changing PRIu64 to `%w64u` means this breaks with an older libc
version.
Signed-off-by: David 'equinox' Lamparter <equinox@opensourcerouting.org>
bgpd: fix uint64_t format in bgp_debug`unsigned long long` isn't `uint64_t`, and switch to `printfrr` to avoid
"impedance" issues. This one was like that from the beginning.
Really looking forward to C23 and `%w64u`.
Signed-off-by: David 'equinox' Lamparter <equinox@opensourcerouting.org>
bgpd: switch uint64_t format to printfrrThe error checking is, admittedly, a bit finnicky; if `PRIu64` is
adjusted for `printfrr` it might not be correct for `printf` anymore :(.
Just print with `printfrr` instead.
Signed-off-by: David 'equinox' Lamparter <equinox@opensourcerouting.org>
Revert "bgpd: Fix compilation for Debian 11 when printing uint64 values"This reverts commit a44ef01d8357b9e2ea7405f3d76be5874e32a3a5.
The problem there was that `snprintf` was getting hit with the error
checking for `snprintfrr`. The fix is actually wrong :(.
Signed-off-by: David 'equinox' Lamparter <equinox@opensourcerouting.org>
bgpd: Advance stream past slack bytes in SRv6 prefix-SID Sub-TLVsWhen an SRv6 L3 Service outer Sub-TLV (or its SID_INFO inner
Sub-TLV) declares more bytes than its contents consume, the parser
left the stream cursor short of the declared end, and the
dispatcher's post-attribute boundary check (BGP_INPUT_PNT !=
attr_endp) fired NOTIFICATION, tearing down the session.
After parsing each Sub-TLV, advance the cursor past any unread slack
within the declared len...
lib: make bison warning pragma unconditionalGCC 16 has started complaining about this as well; the warning was
already masked for clang. GCC doesn't seem to mind the pragma being
unconditional, even on older versions. clang (on OpenBSD) does
complain, so the pragma is still conditional.
Due to this being generated code, there isn't really a better fix,
sadly.
Signed-off-by: David 'equinox' Lamparter <equinox@opensourcerouting.org>
pathd: remove unused loop countersGCC 16 doesn't like these:
```
pathd/path_pcep_debug.c:1368:21: error: variable 'i' set but not used [-Werror=unused-but-set-variable=]
```
and they are indeed just pointless.
Signed-off-by: David 'equinox' Lamparter <equinox@opensourcerouting.org>
bgpd: Add boundary checks when parsing sub-sub TLVs for srv6 prefix sidReported-by: Bronson Yen of Calif.io
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
bgpd: validate rfapi subtlv before accessing data octetsImprove validation in handling the rfapi TYPE_L2ADDR subtlv;
validate subtlv length before accessing octets.
Signed-off-by: Mark Stapp <mjs@cisco.com>
Reported-by: Jiahao Lei <jhaolei@163.com>
zebra: pass vrf pointer to interface_vrf_change for deleteIn the delete path, we already hold a reference to the vrf structure
before calling if_delete_update(). Passing this pointer directly to
interface_vrf_change() avoids a redundant vrf_lookup_by_id() call and
allows accessing vrf->name, vrf->vrf_id, and vrf->data.l.table_id
directly.
For update operations, the vrf pointer is passed as NULL and the
function continues to use the vrf_id, name, and ...
zebra: use dplane provided vrf_id instead of casting ifindexinterface_vrf_change() was implicitly assuming that the VRF netdevice
ifindex could be used as zebra's vrf_id.
This assumption holds true for the Linux kernel dataplane, where the VRF
ID is defined as the ifindex of the VRF interface, so this change does
not alter kernel behavior.
However, the dataplane API already exposes both concepts explicitly via
dplane_ctx_get_ifindex() and dplane_ctx_g...
tests: add EVPN RT-2 IPv6 VTEP import-vrf testAdd a minimal topotest for an IPv4 EVPN RT-2 route learned over an IPv6
VTEP and leaked with BGP import vrf.
Verify the route keeps its IPv6 nexthop in both BGP and zebra, covering
regressions where the nexthop is corrupted during import.
Signed-off-by: Gabriel Goller <g.goller@proxmox.com>
bgpd: Treat as withdraw NHC attribute if receive unrecognizable AFI/SAFIReported-by: Bronson Yen of Calif.io
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
ospfd: remove unnecessary spaceRemove unnecessary spaces in config written with `interface_config_auth_str()`.
Before:
```
interface enp1s0
ip ospf authentication 1.2.3.4
```
After:
```
interface enp1s0
ip ospf authentication 1.2.3.4
```
Also, remove trailing one from "area <> virtual-link <> authentication"
in this same way.
Signed-off-by: anlan_cs <anlan_cs@126.com>
tests: clean out a few warningsEnforcing `-Werror` on the tests isn't particularly helpful, but might
as well make it clean while at it.
The noreturn stuff isn't worth it IMHO, hence just disabling that
warning for tests.
Signed-off-by: David 'equinox' Lamparter <equinox@opensourcerouting.org>
ospfd: work around known frr-format plugin issueThe `frr-format` plugin (which checks format strings for correct use of
e.g. `%pI4`) has some shortcomings that I can't fix since they'd either
need touching GCC (so you'd need a custom GCC version to use it... yeah,
no.) or they would need an excessive amount of time from me to try and
understand GCC interna (that I will never again need.)
Specifically, the type `(size_t) ( ... )` here is "co...
isisd, tools: fix 2 uninitialized warningsStupidly enough I didn't note down which compiler is complaining about
these, but I know I haven't gone and randomly added initializers for
fun. Some version of something complained about these two.
Signed-off-by: David 'equinox' Lamparter <equinox@opensourcerouting.org>
lib: silence a `.l` clang unused-but-set warning```
lib/command_lex.l:77:24: error: variable 'buffer' set but not used [-Werror,-Wunused-but-set-global]
```
I'm not digging further into this since this is dealing in
flex-generated code, and while it might be "unused-but-set" with my
specific flex version (being in fact unused), it'll probably break with
some random other flex version.
Signed-off-by: David 'equinox' Lamparter <equinox@opens...
zebra/fpm_listener: add a `FRR_NORETURN` for clangclang-23 is unhappy:
```
zebra/fpm_listener.c:1124:1: error: function 'sigterm_handler' could be declared with attribute 'noreturn' [-Werror,-Wmissing-noreturn]
```
Signed-off-by: David 'equinox' Lamparter <equinox@opensourcerouting.org>
lib: fix event loop shutdown conditionWhen clearing out events from a loop, we just set the fd to `-1`, which
is perfectly fine. But we didn't update the highest-used index, which
is used for determining if a loop still has things to do. It was never
getting to zero, leading to another broken shutdown condition.
Again, no impact to normal daemon operation, just `test_zmq` hanging.
(I haven't dug up where this broke, it worked a...
lib: fix epoll refactor of event_fetch loopWhen epoll support was added, `event_fetch_inner_loop` got split off
from the containing function, which in itself is a good thing.
Unfortunately this change missed the fact that the inner loop code there
has (*had*) side effects carried through to the next loop iteration by
way changing some variables that take effect into the next loop.
This doesn't break anything - almost. It affects proce...
lib: don't crash on xref=NULL events in `%pTHD``%pTHD` isn't really used in a lot of places, and those that exist
AFAICS can't run into this condition, but either way we shouldn't crash
when printing a zeroed/unused `struct event` with `%pTHD`. (`->xref`
won't ever be NULL while an event is in use.)
(I ran into this after adding some printf debugging.)
Signed-off-by: David 'equinox' Lamparter <equinox@opensourcerouting.org>
zebra: strip unneeded casts that trip frr-formatThis only shows up with the frr-format plugin loaded into GCC:
```
zebra/zebra_dplane.c:6759: warning: format ‘%Lu’ expects argument of type ‘uint64_t’, but argument 4 has type ‘long unsigned int’ (strict match required [B]) [-Wformat=]
```
The arguments are, in fact, correctly typed `uint64_t`, but there's this
GCC "peculiarity" that using a cast in an argument list "boils down" the
cast all...
zebra: match config write to CLI in PREF64Well, the test didn't try writing the configuration and loading it back,
so a mismatch snuck in :(. The CLI expects `lifetime` to be there as a
word, but it's not written back out. So we write invalid config. Sigh.
Add the missing word to config writes, but also allow the broken form as
a hidden command.
Signed-off-by: David 'equinox' Lamparter <equinox@opensourcerouting.org>