From b571176aea651de626e830b9e79e848851eb982d Mon Sep 17 00:00:00 2001
From: Donatas Abraitis <donatas@opensourcerouting.org>
Date: Tue, 16 Jan 2024 14:35:10 +0200
Subject: [PATCH] bgpd: Set AS4 capability received flag only if parsed
 correctly

If we receive a malformed packet, we might end-up with a bad state.

Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
---
 bgpd/bgp_open.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/bgpd/bgp_open.c b/bgpd/bgp_open.c
index 09f16bbce6..b85e717457 100644
--- a/bgpd/bgp_open.c
+++ b/bgpd/bgp_open.c
@@ -622,8 +622,6 @@ static int bgp_capability_llgr(struct peer *peer,
 /* Unlike other capability parsing routines, this one returns 0 on error */
 static as_t bgp_capability_as4(struct peer *peer, struct capability_header *hdr)
 {
-	SET_FLAG(peer->cap, PEER_CAP_AS4_RCV);
-
 	if (hdr->length != CAPABILITY_CODE_AS4_LEN) {
 		flog_err(EC_BGP_PKT_OPEN,
 			 "%s AS4 capability has incorrect data length %d",
@@ -633,6 +631,8 @@ static as_t bgp_capability_as4(struct peer *peer, struct capability_header *hdr)
 
 	as_t as4 = stream_getl(BGP_INPUT(peer));
 
+	SET_FLAG(peer->cap, PEER_CAP_AS4_RCV);
+
 	if (BGP_DEBUG(as4, AS4))
 		zlog_debug(
 			"%s [AS4] about to set cap PEER_CAP_AS4_RCV, got as4 %u",
-- 
2.39.5