summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorFUJITA Tomonori <fujita.tomonori@gmail.com>2020-11-01 22:46:29 +0900
committerFUJITA Tomonori <fujita.tomonori@gmail.com>2020-11-09 12:35:07 +0900
commitc297c0b222445df27e8e0642cbddf91be9ca8eb4 (patch)
tree7a7180eded11e28daf3c666b69d83b8ba34061e6
parent46b15a7512c655683218ae867b2d42b99a73985e (diff)
server: handle bogus addpath argument
Signed-off-by: FUJITA Tomonori <fujita.tomonori@gmail.com>
-rw-r--r--internal/pkg/apiutil/attribute.go3
-rw-r--r--pkg/server/grpc_server.go3
-rw-r--r--pkg/server/server_test.go33
3 files changed, 39 insertions, 0 deletions
diff --git a/internal/pkg/apiutil/attribute.go b/internal/pkg/apiutil/attribute.go
index 8422f3f3..9b73786a 100644
--- a/internal/pkg/apiutil/attribute.go
+++ b/internal/pkg/apiutil/attribute.go
@@ -1506,6 +1506,9 @@ func unmarshalAttribute(an *any.Any) (bgp.PathAttributeInterface, error) {
}
return bgp.NewPathAttributeClusterList(a.Ids), nil
case *api.MpReachNLRIAttribute:
+ if a.Family == nil {
+ return nil, fmt.Errorf("empty family")
+ }
rf := ToRouteFamily(a.Family)
nlris, err := UnmarshalNLRIs(rf, a.Nlris)
if err != nil {
diff --git a/pkg/server/grpc_server.go b/pkg/server/grpc_server.go
index 25c8495e..3a7121f7 100644
--- a/pkg/server/grpc_server.go
+++ b/pkg/server/grpc_server.go
@@ -310,6 +310,9 @@ func api2Path(resource api.TableType, path *api.Path, isWithdraw bool) (*table.P
case *bgp.PathAttributeNextHop:
nexthop = a.Value.String()
case *bgp.PathAttributeMpReachNLRI:
+ if len(a.Value) == 0 {
+ return nil, fmt.Errorf("invalid mp reach attribute")
+ }
nlri = a.Value[0]
nexthop = a.Nexthop.String()
default:
diff --git a/pkg/server/server_test.go b/pkg/server/server_test.go
index 43d3dbf3..4c96203e 100644
--- a/pkg/server/server_test.go
+++ b/pkg/server/server_test.go
@@ -1559,3 +1559,36 @@ func TestDeleteVrf(t *testing.T) {
}
s.StopBgp(context.Background(), &api.StopBgpRequest{})
}
+
+func TestAddBogusPath(t *testing.T) {
+ ctx := context.Background()
+ s := runNewServer(1, "1.1.1.1", 10179)
+
+ nlri, _ := ptypes.MarshalAny(&api.IPAddressPrefix{})
+
+ a, _ := ptypes.MarshalAny(&api.MpReachNLRIAttribute{})
+
+ _, err := s.AddPath(ctx, &api.AddPathRequest{
+ Path: &api.Path{
+ Family: &api.Family{Afi: api.Family_AFI_IP, Safi: api.Family_SAFI_UNICAST},
+ Nlri: nlri,
+ Pattrs: []*any.Any{a},
+ },
+ })
+ assert.NotNil(t, err)
+
+ nlri, _ = ptypes.MarshalAny(&api.IPAddressPrefix{})
+
+ a, _ = ptypes.MarshalAny(&api.MpReachNLRIAttribute{
+ Family: &api.Family{Afi: api.Family_AFI_IP, Safi: api.Family_SAFI_FLOW_SPEC_UNICAST},
+ })
+
+ _, err = s.AddPath(ctx, &api.AddPathRequest{
+ Path: &api.Path{
+ Family: &api.Family{Afi: api.Family_AFI_IP, Safi: api.Family_SAFI_UNICAST},
+ Nlri: nlri,
+ Pattrs: []*any.Any{a},
+ },
+ })
+ assert.NotNil(t, err)
+}