bgpd: Fix crash when deleting the SRv6 locator

When BGP receives a `SRV6_LOCATOR_DEL` from zebra, it invokes
`bgp_zebra_process_srv6_locator_delete` to process the message.

`bgp_zebra_process_srv6_locator_delete` obtains a pointer to the default
BGP instance and then dereferences this pointer.

If the default BGP instance is not ready / not configured yet, this
pointer this pointer is `NULL` and dereferencing it causes BGP to crash.

This commit fix the issue by adding a a check to verify if the pointer
is `NULL` and returning early if it is.

Signed-off-by: Carmine Scarpitta <cscarpit@cisco.com>

diff --git a/bgpd/bgp_zebra.c b/bgpd/bgp_zebra.c
index 15ed98933e8de395604653b86b2a1882cb520638..ad3e59060ae1174fad751309a765c320f4abcd02 100644 (file)
--- a/bgpd/bgp_zebra.c
+++ b/bgpd/bgp_zebra.c
@@ -3408,6 +3408,9 @@ static int bgp_zebra_process_srv6_locator_delete(ZAPI_CALLBACK_ARGS)
        struct in6_addr *tovpn_sid;
        struct prefix_ipv6 tmp_prefi;
 
+       if (!bgp)
+               return 0;
+
        if (zapi_srv6_locator_decode(zclient->ibuf, &loc) < 0)
                return -1;