bgpd: fix bgpd core when unintern attr

When the remote peer is neither EBGP nor confed, aspath is the
shadow copy of attr->aspath in bgp_packet_attribute(). Striping
AS4_PATH should not be done on the aspath directly, since
that would lead to bgpd core dump when unintern the attr.

Signed-off-by: Yuan Yuan <yyuanam@amazon.com>
(cherry picked from commit 32af4995aae647cf9d7c70347ec37b57279ea807)

diff --git a/bgpd/bgp_attr.c b/bgpd/bgp_attr.c
index 3aad9484c91b8ebf08a1a93effbde716818c1c56..b3421d3a247abc6c97e70be6fcacde6bf53746cb 100644 (file)
--- a/bgpd/bgp_attr.c
+++ b/bgpd/bgp_attr.c
@@ -4764,6 +4764,10 @@ bgp_size_t bgp_packet_attribute(struct bgp *bgp, struct peer *peer,
                 * there! (JK)
                 * Folks, talk to me: what is reasonable here!?
                 */
+
+               /* Make sure dup aspath before the modification */
+               if (aspath == attr->aspath)
+                       aspath = aspath_dup(attr->aspath);
                aspath = aspath_delete_confed_seq(aspath);
 
                stream_putc(s,