From 9acc98c865bfc3aae2748ac5e922918dd70885d8 Mon Sep 17 00:00:00 2001 From: Igor Ryzhov Date: Tue, 2 Nov 2021 23:54:43 +0300 Subject: [PATCH] zebra: fix stale pointer when netns is deleted When the netns is deleted, we should always clear the vrf->ns_ctxt pointer. Currently, it is not cleared when there are interfaces in the netns at the time of deletion. If the netns is re-created, zebra crashes because it tries to use the stale pointer. Signed-off-by: Igor Ryzhov --- lib/vrf.c | 4 +--- zebra/zebra_netns_notify.c | 1 + 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/lib/vrf.c b/lib/vrf.c index 847899f0ba..a9a5a83794 100644 --- a/lib/vrf.c +++ b/lib/vrf.c @@ -256,10 +256,8 @@ void vrf_delete(struct vrf *vrf) * the ID mapping. Interfaces assigned to this VRF should've been * removed already as part of the VRF going down. */ - if (vrf_is_user_cfged(vrf)) { - vrf->ns_ctxt = NULL; + if (vrf_is_user_cfged(vrf)) return; - } /* Do not delete the VRF if it has interfaces configured in it. */ if (!RB_EMPTY(if_name_head, &vrf->ifaces_by_name)) diff --git a/zebra/zebra_netns_notify.c b/zebra/zebra_netns_notify.c index 0d260ad639..5b9539904f 100644 --- a/zebra/zebra_netns_notify.c +++ b/zebra/zebra_netns_notify.c @@ -165,6 +165,7 @@ static int zebra_ns_delete(char *name) /* the deletion order is the same * as the one used when siging signal is received */ + vrf->ns_ctxt = NULL; vrf_delete(vrf); if (ns) ns_delete(ns); -- 2.39.5