From 213bdb39a7326ab9622d48d770549b5d7d1d5878 Mon Sep 17 00:00:00 2001 From: Renato Westphal Date: Fri, 19 Oct 2018 15:53:46 -0300 Subject: [PATCH] bgpd: fix cleanup of dampening configuration The bgp_damp_config_clean() function was deallocating some arrays without resetting the variables that represent their sizes. This was leading to some crashes because other parts of the code iterate over these arrays by looking at their corresponding sizes, which could be invalid. Fixes the following segfaults (which only happen under certain circumstances): vtysh -c "configure terminal" -c "router bgp 1" -c "bgp dampening" vtysh -c "configure terminal" -c "router bgp 1" -c "no bgp dampening" vtysh -c "configure terminal" -c "router bgp 1" -c "no bgp dampening 45" vtysh -c "" -c "clear ip bgp dampening" Signed-off-by: Renato Westphal --- bgpd/bgp_damp.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/bgpd/bgp_damp.c b/bgpd/bgp_damp.c index bce6056de..4a0395cab 100644 --- a/bgpd/bgp_damp.c +++ b/bgpd/bgp_damp.c @@ -446,12 +446,15 @@ static void bgp_damp_config_clean(struct bgp_damp_config *damp) { /* Free decay array */ XFREE(MTYPE_BGP_DAMP_ARRAY, damp->decay_array); + damp->decay_array_size = 0; /* Free reuse index array */ XFREE(MTYPE_BGP_DAMP_ARRAY, damp->reuse_index); + damp->reuse_index_size = 0; /* Free reuse list array. */ XFREE(MTYPE_BGP_DAMP_ARRAY, damp->reuse_list); + damp->reuse_list_size = 0; } /* Clean all the bgp_damp_info stored in reuse_list. */ -- 2.39.5