From 4b150ae78a51298c07de1bde940a19f1bd4a4d1e Mon Sep 17 00:00:00 2001
From: vivek
Date: Thu, 7 Jan 2016 22:14:38 -0800
Subject: [PATCH] BGP: Only accept prefixes for negotiated address families

When handling a received Update message, only process and store the prefixes if the corresponding address family has been negotiated with the peer. Prior to this change, the receive processing only checked whether the address family was locally configured, trusting to the peer to not advertise prefixes for an address family that has not been negotiated. Most implementations conform to this but a misbehavior could result in processing and memory overhead.
Signed-off-by: Vivek Venkatraman
Reviewed-by: Donald Sharp
Reviewed-by: Daniel Walton
Ticket: CM-5594
Reviewed By: CCR-3946
Testing Done: Sanity test (good case)
---
 bgpd/bgp_packet.c | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/bgpd/bgp_packet.c b/bgpd/bgp_packet.c
index be3a52864a..933a504851 100644
--- a/bgpd/bgp_packet.c
+++ b/bgpd/bgp_packet.c
@@ -1499,9 +1499,10 @@ bgp_update_receive (struct peer *peer, bgp_size_t size)
 }
 }
- /* NLRI is processed only when the peer is configured specific
- Address Family and Subsequent Address Family. */
- if (peer->afc[AFI_IP][SAFI_UNICAST])
+ /* NLRI is processed only when the the corresponding address-family
+ * has been negotiated with the peer.
+ */
+ if (peer->afc_nego[AFI_IP][SAFI_UNICAST])
 {
 if (withdraw.length)
 bgp_nlri_parse (peer, NULL, &withdraw);
@@ -1538,7 +1539,7 @@ bgp_update_receive (struct peer *peer, bgp_size_t size)
 zlog_debug ("rcvd End-of-RIB for IPv4 Unicast from %s", peer->host);
 }
 }
- if (peer->afc[AFI_IP][SAFI_MULTICAST])
+ if (peer->afc_nego[AFI_IP][SAFI_MULTICAST])
 {
 if (mp_update.length && mp_update.afi == AFI_IP
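Review bot: The IPv4 unicast check in the first hunk, `if (peer->afc_nego[AFI_IP][SAFI_UNICAST])`, now depends on `afc_nego` being set even for a peer that sends no multiprotocol capability, since such a peer is conventionally treated as IPv4-unicast-only. Where `afc_nego` is filled in is not visible in this hunk, so please confirm that the OPEN handling sets it for capability-less peers and for sessions configured to skip or override capability negotiation; otherwise their classic NLRI and withdrawals would be dropped with no message at all. If that holds, the new comment should say so, for example `afc_nego is also set for IPv4 unicast when the peer sends no MP capability`, and the duplicated "the the" in its first line can be fixed at the same time. The body of bgp_update_receive starts and ends outside the hunk.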
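Review bot: NLRI for a family that was not negotiated is now skipped at `if (peer->afc_nego[AFI_IP][SAFI_MULTICAST])` with no log line or counter, so a peer that keeps advertising un-negotiated families leaves nothing for an operator to see; the same applies to the checks in the other four hunks. The commit message itself calls this a misbehavior, which makes it worth recording, for instance with `zlog_debug ("%s sent NLRI for a non-negotiated address family, ignored", peer->host);` next to the skipped block. That message should stay behind the existing debug switch or be rate-limited, so the same peer cannot use it to flood the log. The only test listed is the good case, so a negative test with a peer advertising an un-negotiated family would cover the behavior this change introduces.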
@@ -1572,7 +1573,7 @@ bgp_update_receive (struct peer *peer, bgp_size_t size)
 zlog_debug ("rcvd End-of-RIB for IPv4 Multicast from %s", peer->host);
 }
 }
- if (peer->afc[AFI_IP6][SAFI_UNICAST])
+ if (peer->afc_nego[AFI_IP6][SAFI_UNICAST])
 {
 if (mp_update.length && mp_update.afi == AFI_IP6
@@ -1605,7 +1606,7 @@ bgp_update_receive (struct peer *peer, bgp_size_t size)
 zlog_debug ("rcvd End-of-RIB for IPv6 Unicast from %s", peer->host);
 }
 }
- if (peer->afc[AFI_IP6][SAFI_MULTICAST])
+ if (peer->afc_nego[AFI_IP6][SAFI_MULTICAST])
 {
 if (mp_update.length && mp_update.afi == AFI_IP6
@@ -1639,7 +1640,7 @@ bgp_update_receive (struct peer *peer, bgp_size_t size)
 zlog_debug ("rcvd End-of-RIB for IPv6 Multicast from %s", peer->host);
 }
 }
- if (peer->afc[AFI_IP][SAFI_MPLS_VPN])
+ if (peer->afc_nego[AFI_IP][SAFI_MPLS_VPN])
 {
 if (mp_update.length && mp_update.afi == AFI_IP
-- 
2.39.5
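Review bot: The guard `if (peer->afc_nego[AFI_IP6][SAFI_UNICAST])` is the third of five hand-edited copies of the same check; IPv6 multicast and VPNv4 follow in the next two hunks, and IPv4 unicast and multicast come earlier. A block added later by copying an older one could reintroduce the `afc` check without anyone noticing. A small static table of AFI/SAFI pairs walked in one loop, or a helper taking the pair, would keep the negotiated-family rule in a single place. This is a structural suggestion and could be a follow-up rather than part of this fix. The guarded blocks continue outside the hunks.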