zebra: check pbr rule msg for correct afi

further down we hash the src & dst ip, which asserts that the afi is one
of the well known ones, given the field names i assume the correct afis
here are af_inet[6]

Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>

diff --git a/zebra/zapi_msg.c b/zebra/zapi_msg.c
index 1dbe41f4629884155dcd25e4b28956922e16a08f..18b733f884fdaf8be0ec9133d71a5f8c345bad3e 100644 (file)
--- a/zebra/zapi_msg.c
+++ b/zebra/zapi_msg.c
@@ -2360,6 +2360,20 @@ static inline void zread_rule(ZAPI_HANDLER_ARGS)
                if (zpr.rule.filter.fwmark)
                        zpr.rule.filter.filter_bm |= PBR_FILTER_FWMARK;
 
+               if (!(zpr.rule.filter.src_ip.family == AF_INET
+                     || zpr.rule.filter.src_ip.family == AF_INET6)) {
+                       zlog_warn("Unsupported PBR source IP family: %s\n",
+                                 family2str(zpr.rule.filter.src_ip.family));
+                       return;
+               }
+               if (!(zpr.rule.filter.dst_ip.family == AF_INET
+                     || zpr.rule.filter.dst_ip.family == AF_INET6)) {
+                       zlog_warn("Unsupported PBR dest IP family: %s\n",
+                                 family2str(zpr.rule.filter.dst_ip.family));
+                       return;
+               }
+
+
                zpr.vrf_id = zvrf->vrf->vrf_id;
                if (hdr->command == ZEBRA_RULE_ADD)
                        zebra_pbr_add_rule(&zpr);