From: rgirada Date: Mon, 29 Aug 2022 10:51:39 +0000 (-0700) Subject: ospfd: crash when router acts as GR helper upon a topo change X-Git-Tag: docker/8.3.1~2^2 X-Git-Url: https://git.puffer.fish/?a=commitdiff_plain;h=3f247df779bc6a15ca351b564b7ce293e50a42e4;p=matthieu%2Ffrr.git ospfd: crash when router acts as GR helper upon a topo change Description: ospf process is crashing when the current router acts as GR helper and it received a new lsa. Here, ospf_lsa_different() is being called without checking 'old' pointer. It is asserted in ospf_lsa_different() api if the 'old' pointer is NULL. corrected this by validaing old pointer before calling ospf_lsa_different() api. back tarce: Program terminated with signal SIGABRT, Aborted. 0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51 [Current thread is 1 (Thread 0x6b84348827c0 (LWP 3155))] 0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51 1 0x00006b8433aa4801 in __GI_abort () at abort.c:79 2 0x00006b8433a9439a in __assert_fail_base (fmt=0x6b8433c1b7d8 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=assertion@entry=0x162ffc0630bc "l1", file=file@entry=0x162ffc062ff7 "ospfd/ospf_lsa.c", line=line@entry=3520, function=function@entry=0x162ffc0646f0 <__PRETTY_FUNCTION__.18732> "ospf_lsa_different") at assert.c:92 3 0x00006b8433a94412 in __GI___assert_fail (assertion=assertion@entry=0x162ffc0630bc "l1", file=file@entry=0x162ffc062ff7 "ospfd/ospf_lsa.c", line=line@entry=3520, function=function@entry=0x162ffc0646f0 <__PRETTY_FUNCTION__.18732> "ospf_lsa_different") at assert.c:101 4 0x0000162ffc008c25 in ospf_lsa_different (l1=l1@entry=0x0, l2=l2@entry=0x162ffe535c60, ignore_rcvd_flag=ignore_rcvd_flag@entry=true) at ospfd/ospf_lsa.c:3520 5 0x0000162ffc00a8e8 in ospf_lsa_install (ospf=ospf@entry=0x162ffe513650, oi=oi@entry=0x162ffe531c30, lsa=lsa@entry=0x162ffe535c60) at ospfd/ospf_lsa.c:2892 6 0x0000162ffc059d16 in ospf_flood (ospf=0x162ffe513650, nbr=nbr@entry=0x162ffe52cc90, current=current@entry=0x0, new=new@entry=0x162ffe535c60) at ospfd/ospf_flood.c:429 7 0x0000162ffc01838f in ospf_ls_upd (size=, oi=0x162ffe531c30, s=, ospfh=, iph=, ospf=) at ospfd/ospf_packet.c:2162 8 ospf_read_helper (ospf=) at ospfd/ospf_packet.c:3241 9 ospf_read (thread=) at ospfd/ospf_packet.c:3272 10 0x00006b843450139c in thread_call (thread=thread@entry=0x7780f42c7480) at lib/thread.c:1692 11 0x00006b84344cfb18 in frr_run (master=0x162ffe34d130) at lib/libfrr.c:1068 Signed-off-by: Rajesh Girada (cherry picked from commit ef151af79b90aaa0b9637e0280e0a9d1eb408523) --- diff --git a/ospfd/ospf_lsa.c b/ospfd/ospf_lsa.c index 2be81042a6..8d05cebcdc 100644 --- a/ospfd/ospf_lsa.c +++ b/ospfd/ospf_lsa.c @@ -2868,10 +2868,11 @@ struct ospf_lsa *ospf_lsa_install(struct ospf *ospf, struct ospf_interface *oi, * So, router should be aborted from HELPER role * if it is detected as TOPO change. */ - if (ospf->active_restarter_cnt - && CHECK_LSA_TYPE_1_TO_5_OR_7(lsa->data->type) - && ospf_lsa_different(old, lsa, true)) - ospf_helper_handle_topo_chg(ospf, lsa); + if (ospf->active_restarter_cnt && + CHECK_LSA_TYPE_1_TO_5_OR_7(lsa->data->type)) { + if (old == NULL || ospf_lsa_different(old, lsa, true)) + ospf_helper_handle_topo_chg(ospf, lsa); + } rt_recalc = 1; }