bgpd: fix bgpd core when unintern attr

When the remote peer is neither EBGP nor confed, aspath is the
shadow copy of attr->aspath in bgp_packet_attribute(). Striping
AS4_PATH should not be done on the aspath directly, since
that would lead to bgpd core dump when unintern the attr.

Signed-off-by: Yuan Yuan <yyuanam@amazon.com>
(cherry picked from commit 32af4995aae647cf9d7c70347ec37b57279ea807)

diff --git a/bgpd/bgp_attr.c b/bgpd/bgp_attr.c
index 212d770842352ad7e92edd8ad34db211f48fb2d2..df145a9ea065d677c514c12d1d04539fea1c1091 100644 (file)
--- a/bgpd/bgp_attr.c
+++ b/bgpd/bgp_attr.c
@@ -4417,6 +4417,10 @@ bgp_size_t bgp_packet_attribute(struct bgp *bgp, struct peer *peer,
                 * there! (JK)
                 * Folks, talk to me: what is reasonable here!?
                 */
+
+               /* Make sure dup aspath before the modification */
+               if (aspath == attr->aspath)
+                       aspath = aspath_dup(attr->aspath);
                aspath = aspath_delete_confed_seq(aspath);
 
                stream_putc(s,