From 20593bf0fb520d6a5283df3fbd9eba56e96b7edd Mon Sep 17 00:00:00 2001 From: Carmine Scarpitta Date: Fri, 3 May 2024 23:35:05 +0200 Subject: [PATCH] bgpd: Fix crash when deleting the SRv6 locator When BGP receives a `SRV6_LOCATOR_DEL` from zebra, it invokes `bgp_zebra_process_srv6_locator_delete` to process the message. `bgp_zebra_process_srv6_locator_delete` obtains a pointer to the default BGP instance and then dereferences this pointer. If the default BGP instance is not ready / not configured yet, this pointer is `NULL` and dereferencing it causes BGP to crash. This commit fixes the issue by adding a check to verify if the pointer is `NULL` and returning early if it is. Signed-off-by: Carmine Scarpitta (cherry picked from commit ae3241b96d7be08d627f142030a41031492ffaf5) --- bgpd/bgp_zebra.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/bgpd/bgp_zebra.c b/bgpd/bgp_zebra.c index 87f2e55b3f..d22c57c1a7 100644 --- a/bgpd/bgp_zebra.c +++ b/bgpd/bgp_zebra.c @@ -3210,6 +3210,9 @@ static int bgp_zebra_process_srv6_locator_delete(ZAPI_CALLBACK_ARGS) struct in6_addr *tovpn_sid; struct prefix_ipv6 tmp_prefi; + if (!bgp) + return 0; + if (zapi_srv6_locator_decode(zclient->ibuf, &loc) < 0) return -1; -- 2.39.5
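Review bot: the new `if (!bgp) return 0;` in `bgp_zebra_process_srv6_locator_delete` sits before `zapi_srv6_locator_decode(zclient->ibuf, &loc)`, so when the default instance is absent the `SRV6_LOCATOR_DEL` is dropped without being decoded or logged, and the handler reports success (0) where the decode failure just below it returns -1. If the reasoning is that there is no locator state to clean up without a default instance, say so in a one-line comment above the check, and add a debug-level log so a silently skipped delete is visible when SRv6 state is being diagnosed. Because the crash was a NULL dereference reachable from a message sent by zebra, it is also worth checking whether the other SRv6 zebra callbacks in this file guard the same pointer, and adding a test that delivers the delete before the default BGP instance is configured.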