bgpd: fix invalid memory access in peer_free()

We shoult not call bgp_unlock() before calling
bgp_delete_connected_nexthop() in the peer_free() function. Otherwise,
if bgp->lock reaches zero, bgp_free() is called and peer->bgp becomes
an invalid pointer in the bgp_delete_connected_nexthop() function.

To fix this, move the call to bgp_unlock() to the end of peer_free().

Bug exposed by commit 37d361e ("bgpd: plug several memleaks").

Signed-off-by: Renato Westphal <renato@opensourcerouting.org>

0 files changed, 0 insertions, 0 deletions