bgpd: disallow importing a vrf into itself

Prior to this fix, you could configure importing a vrf from inside
the same vrf.  This can lead to unexpected behavior in the leaking
process.  This fix disallows that behavior.

Ticket: CM-20539
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>

diff --git a/bgpd/bgp_vty.c b/bgpd/bgp_vty.c
index 5d154772452103ad175f0f6701a4cddd5989b7a5..65c1580d31a08d4f3d637014174cede1e004a89a 100644 (file)
--- a/bgpd/bgp_vty.c
+++ b/bgpd/bgp_vty.c
@@ -6680,6 +6680,14 @@ DEFPY (bgp_imexport_vrf,
        afi = bgp_node_afi(vty);
        safi = bgp_node_safi(vty);
 
+       if (((BGP_INSTANCE_TYPE_DEFAULT == bgp->inst_type)
+            && (strcmp(import_name, BGP_DEFAULT_NAME) == 0))
+           || (bgp->name && (strcmp(import_name, bgp->name) == 0))) {
+               vty_out(vty, "%% Cannot %s vrf %s into itself\n",
+                       remove ? "unimport" : "import", import_name);
+               return CMD_WARNING;
+       }
+
        bgp_default = bgp_get_default();
        if (!bgp_default) {
                /* Auto-create assuming the same AS */