bgpd: Limit flowspec to no attribute means a implicit withdrawal

All other parsing functions done from bgp_nlri_parse() assume no attributes == an implicit withdrawal. Let's move bgp_nlri_parse_flowspec() into the same alignment. Reported-by: Matteo Memelli <mmemelli@amazon.it> Signed-off-by: Donald Sharp <sharpd@nvidia.com>
author: Donald Sharp <sharpd@nvidia.com> 2023-04-05 20:57:05 +0200
committer: Donald Sharp <sharpd@nvidia.com> 2023-04-06 13:13:30 +0200
commit: cfd04dcb3e689754a72507d086ba3b9709fc5ed8 (patch)
tree: 60f7390c37e14f6a754c5eb505808f5a1db91748 /bgpd
parent: bgpd: Conform bgp_packet.h with coding standards (diff)
download: frr-cfd04dcb3e689754a72507d086ba3b9709fc5ed8.tar.xz
frr-cfd04dcb3e689754a72507d086ba3b9709fc5ed8.zip
1 files changed, 7 insertions, 0 deletions
diff --git a/bgpd/bgp_flowspec.c b/bgpd/bgp_flowspec.c
index f9debe43c..5e1be2140 100644
--- a/bgpd/bgp_flowspec.c
+++ b/bgpd/bgp_flowspec.c
@@ -98,6 +98,13 @@ int bgp_nlri_parse_flowspec(struct peer *peer, struct attr *attr,
 	afi = packet->afi;
 	safi = packet->safi;
 
+	/*
+	 * All other AFI/SAFI's treat no attribute as a implicit
+	 * withdraw.  Flowspec should as well.
+	 */
+	if (!attr)
+		withdraw = 1;
+
 	if (packet->length >= FLOWSPEC_NLRI_SIZELIMIT_EXTENDED) {
 		flog_err(EC_BGP_FLOWSPEC_PACKET,
 			 "BGP flowspec nlri length maximum reached (%u)",
author	Donald Sharp <sharpd@nvidia.com>	2023-04-05 20:57:05 +0200
committer	Donald Sharp <sharpd@nvidia.com>	2023-04-06 13:13:30 +0200
commit	cfd04dcb3e689754a72507d086ba3b9709fc5ed8 (patch)
tree	60f7390c37e14f6a754c5eb505808f5a1db91748 /bgpd
parent	bgpd: Conform bgp_packet.h with coding standards (diff)
download	frr-cfd04dcb3e689754a72507d086ba3b9709fc5ed8.tar.xz frr-cfd04dcb3e689754a72507d086ba3b9709fc5ed8.zip