diff options
| author | FUJITA Tomonori <fujita.tomonori@gmail.com> | 2020-11-01 22:46:29 +0900 |
|---|---|---|
| committer | FUJITA Tomonori <fujita.tomonori@gmail.com> | 2020-11-09 12:35:07 +0900 |
| commit | c297c0b222445df27e8e0642cbddf91be9ca8eb4 (patch) | |
| tree | 7a7180eded11e28daf3c666b69d83b8ba34061e6 | |
| parent | 46b15a7512c655683218ae867b2d42b99a73985e (diff) | |
server: handle bogus addpath argument
Signed-off-by: FUJITA Tomonori <fujita.tomonori@gmail.com>
| -rw-r--r-- | internal/pkg/apiutil/attribute.go | 3 | ||||
| -rw-r--r-- | pkg/server/grpc_server.go | 3 | ||||
| -rw-r--r-- | pkg/server/server_test.go | 33 |
3 files changed, 39 insertions, 0 deletions
diff --git a/internal/pkg/apiutil/attribute.go b/internal/pkg/apiutil/attribute.go index 8422f3f3..9b73786a 100644 --- a/internal/pkg/apiutil/attribute.go +++ b/internal/pkg/apiutil/attribute.go @@ -1506,6 +1506,9 @@ func unmarshalAttribute(an *any.Any) (bgp.PathAttributeInterface, error) { } return bgp.NewPathAttributeClusterList(a.Ids), nil case *api.MpReachNLRIAttribute: + if a.Family == nil { + return nil, fmt.Errorf("empty family") + } rf := ToRouteFamily(a.Family) nlris, err := UnmarshalNLRIs(rf, a.Nlris) if err != nil { diff --git a/pkg/server/grpc_server.go b/pkg/server/grpc_server.go index 25c8495e..3a7121f7 100644 --- a/pkg/server/grpc_server.go +++ b/pkg/server/grpc_server.go @@ -310,6 +310,9 @@ func api2Path(resource api.TableType, path *api.Path, isWithdraw bool) (*table.P case *bgp.PathAttributeNextHop: nexthop = a.Value.String() case *bgp.PathAttributeMpReachNLRI: + if len(a.Value) == 0 { + return nil, fmt.Errorf("invalid mp reach attribute") + } nlri = a.Value[0] nexthop = a.Nexthop.String() default: diff --git a/pkg/server/server_test.go b/pkg/server/server_test.go index 43d3dbf3..4c96203e 100644 --- a/pkg/server/server_test.go +++ b/pkg/server/server_test.go @@ -1559,3 +1559,36 @@ func TestDeleteVrf(t *testing.T) { } s.StopBgp(context.Background(), &api.StopBgpRequest{}) } + +func TestAddBogusPath(t *testing.T) { + ctx := context.Background() + s := runNewServer(1, "1.1.1.1", 10179) + + nlri, _ := ptypes.MarshalAny(&api.IPAddressPrefix{}) + + a, _ := ptypes.MarshalAny(&api.MpReachNLRIAttribute{}) + + _, err := s.AddPath(ctx, &api.AddPathRequest{ + Path: &api.Path{ + Family: &api.Family{Afi: api.Family_AFI_IP, Safi: api.Family_SAFI_UNICAST}, + Nlri: nlri, + Pattrs: []*any.Any{a}, + }, + }) + assert.NotNil(t, err) + + nlri, _ = ptypes.MarshalAny(&api.IPAddressPrefix{}) + + a, _ = ptypes.MarshalAny(&api.MpReachNLRIAttribute{ + Family: &api.Family{Afi: api.Family_AFI_IP, Safi: api.Family_SAFI_FLOW_SPEC_UNICAST}, + }) + + _, err = s.AddPath(ctx, &api.AddPathRequest{ + Path: &api.Path{ + Family: &api.Family{Afi: api.Family_AFI_IP, Safi: api.Family_SAFI_UNICAST}, + Nlri: nlri, + Pattrs: []*any.Any{a}, + }, + }) + assert.NotNil(t, err) +} |