zebra: check pbr rule msg for correct afi

further down we hash the src & dst ip, which asserts that the afi is one
of the well known ones, given the field names i assume the correct afis
here are af_inet[6]

Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>

diff --git a/zebra/zapi_msg.c b/zebra/zapi_msg.c
index 0e7dc5ce9b8f7f389b8a6c9a0e52cdc63a8e918e..88e72ed8b3dc11d440dc490565c87c75b9742990 100644 (file)
--- a/zebra/zapi_msg.c
+++ b/zebra/zapi_msg.c
@@ -2289,6 +2289,20 @@ static inline void zread_rule(ZAPI_HANDLER_ARGS)
                if (zpr.rule.filter.fwmark)
                        zpr.rule.filter.filter_bm |= PBR_FILTER_FWMARK;
 
+               if (!(zpr.rule.filter.src_ip.family == AF_INET
+                     || zpr.rule.filter.src_ip.family == AF_INET6)) {
+                       zlog_warn("Unsupported PBR source IP family: %s\n",
+                                 family2str(zpr.rule.filter.src_ip.family));
+                       return;
+               }
+               if (!(zpr.rule.filter.dst_ip.family == AF_INET
+                     || zpr.rule.filter.dst_ip.family == AF_INET6)) {
+                       zlog_warn("Unsupported PBR dest IP family: %s\n",
+                                 family2str(zpr.rule.filter.dst_ip.family));
+                       return;
+               }
+
+
                zpr.vrf_id = zvrf->vrf->vrf_id;
                if (hdr->command == ZEBRA_RULE_ADD)
                        zebra_pbr_add_rule(&zpr);