git.puffer.fish Git - matthieu/frr.git/commitdiff
bgpd: Fix crash when deleting the SRv6 locator
author Carmine Scarpitta <cscarpit@cisco.com>
Fri, 3 May 2024 21:35:05 +0000 (23:35 +0200)
committer Mergify <37929162+mergify[bot]@users.noreply.github.com>
Mon, 6 May 2024 05:52:34 +0000 (05:52 +0000)
When BGP receives a `SRV6_LOCATOR_DEL` from zebra, it invokes
`bgp_zebra_process_srv6_locator_delete` to process the message.

`bgp_zebra_process_srv6_locator_delete` obtains a pointer to the default
BGP instance and then dereferences this pointer.

If the default BGP instance is not ready / not configured yet, this
pointer is `NULL` and dereferencing it causes BGP to crash.

This commit fixes the issue by adding a check to verify if the pointer
is `NULL` and returning early if it is.

Signed-off-by: Carmine Scarpitta <cscarpit@cisco.com>
(cherry picked from commit ae3241b96d7be08d627f142030a41031492ffaf5)

bgpd/bgp_zebra.c

index 87f2e55b3f84b18c51cb291515d0c50804b1fa82..d22c57c1a72c39a569f06eeb6d519290858b3004 100644 (file)
@@ -3210,6 +3210,9 @@ static int bgp_zebra_process_srv6_locator_delete(ZAPI_CALLBACK_ARGS)
        struct in6_addr *tovpn_sid;
        struct prefix_ipv6 tmp_prefi;
 
+       if (!bgp)
+               return 0;
+
        if (zapi_srv6_locator_decode(zclient->ibuf, &loc) < 0)
                return -1;
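
Review bot: The new `if (!bgp) return 0;` placed ahead of `zapi_srv6_locator_decode()` returns success silently, so a `SRV6_LOCATOR_DEL` that arrives before the default instance exists is dropped with no trace and without the message being decoded. Consider adding a one-line comment saying why there is nothing to clean up in that case, plus a debug-level log entry, so the 0 returned here can be told apart from the -1 returned on a decode failure when someone later traces a locator that was not removed. A regression test that sends the delete before the default BGP instance is configured would keep this crash from coming back.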