diff options
| author | Philippe Guibert <philippe.guibert@6wind.com> | 2024-12-19 14:23:40 +0100 |
|---|---|---|
| committer | Philippe Guibert <philippe.guibert@6wind.com> | 2025-01-07 15:35:32 +0100 |
| commit | 3e05ba06e662dc12d31ee7042a4157aa3d74928c (patch) | |
| tree | 41e25e8c27fc2befc8dc254e5ab26ff104244f4d /bgpd | |
| parent | bgpd, topotests: bmp imported bgp, send peer up events when config param changed (diff) | |
| download | frr-3e05ba06e662dc12d31ee7042a4157aa3d74928c.tar.xz frr-3e05ba06e662dc12d31ee7042a4157aa3d74928c.zip | |
bgpd: fix access to invalid memory zone
> ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f73891cb146 bp 0x7ffca86584c0 sp 0x7ffca8658490 T0)
> ==837617==The signal is caused by a READ memory access.
> ==837617==Hint: address points to the zero page.
> #0 0x7f73891cb146 in bmp_targets_const_next bgpd/bgp_bmp.c:149
> #1 0x7f73891cb1a5 in bmp_targets_next bgpd/bgp_bmp.c:149
> #2 0x7f73891e875a in _bmp_vrf_state_changed_internal bgpd/bgp_bmp.c:3520
> #3 0x7f73891e8922 in bmp_vrf_itf_state_changed bgpd/bgp_bmp.c:3566
> #4 0x55e511af8d1b in hook_call_bgp_vrf_status_changed bgpd/bgp_zebra.c:64
> #5 0x55e511afa304 in bgp_ifp_up bgpd/bgp_zebra.c:234
> #6 0x7f738981c193 in hook_call_if_up lib/if.c:57
> #7 0x7f738981d09a in if_up_via_zapi lib/if.c:203
> #8 0x7f73899d6f54 in zclient_interface_up lib/zclient.c:2671
> #9 0x7f73899e3e5a in zclient_read lib/zclient.c:4624
> #10 0x7f738998078d in event_call lib/event.c:1996
> #11 0x7f7389848933 in frr_run lib/libfrr.c:1232
> #12 0x55e5117f7ae1 in main bgpd/bgp_main.c:557
> #13 0x7f7389229d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
> #14 0x7f7389229e3f in __libc_start_main_impl ../csu/libc-start.c:392
> #15 0x55e5117f4234 in _start (/usr/lib/frr/bgpd+0x2ec234)
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Diffstat (limited to 'bgpd')
| -rw-r--r-- | bgpd/bgp_bmp.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/bgpd/bgp_bmp.c b/bgpd/bgp_bmp.c index b04ba9841..164f59194 100644 --- a/bgpd/bgp_bmp.c +++ b/bgpd/bgp_bmp.c @@ -2081,6 +2081,7 @@ static struct bmp_bgp *bmp_bgp_get(struct bgp *bgp) bmpbgp->bgp = bgp; bmpbgp->vrf_state = vrf_state_unknown; bmpbgp->mirror_qsizelimit = ~0UL; + bmp_targets_init(&bmpbgp->targets); bmp_mirrorq_init(&bmpbgp->mirrorq); bmp_bgph_add(&bmp_bgph, bmpbgp); |