zebra: check for invalid family in ipset entry msg

Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>

diff --git a/zebra/zapi_msg.c b/zebra/zapi_msg.c
index 6012962b1c4155712caf812895706edd2eb77fa9..ca0011e1682aadb2a132143e564cecfb8cbbb849 100644 (file)
--- a/zebra/zapi_msg.c
+++ b/zebra/zapi_msg.c
@@ -2511,6 +2511,19 @@ static inline void zread_ipset_entry(ZAPI_HANDLER_ARGS)
                if (zpi.proto != 0)
                        zpi.filter_bm |= PBR_FILTER_PROTO;
 
+               if (!(zpi.dst.family == AF_INET
+                     || zpi.dst.family == AF_INET6)) {
+                       zlog_warn("Unsupported PBR IP family: %s (%" PRIu8 ")",
+                                 family2str(zpi.dst.family), zpi.dst.family);
+                       goto stream_failure;
+               }
+               if (!(zpi.src.family == AF_INET
+                     || zpi.src.family == AF_INET6)) {
+                       zlog_warn("Unsupported PBR IP family: %s (%" PRIu8 ")",
+                                 family2str(zpi.src.family), zpi.src.family);
+                       goto stream_failure;
+               }
+
                /* calculate backpointer */
                zpi.backpointer =
                        zebra_pbr_lookup_ipset_pername(ipset.ipset_name);