zebra: guard against junk in nexthop->rmap_src

rmap_src wasn't initialized, so for IPv4 the unused 12 bytes would contain whatever junk is on the stack on function entry. Also move the IPv4 parse before the IPv6 parse so if it's successful we can be sure the other bytes haven't been touched. Signed-off-by: David Lamparter <equinox@opensourcerouting.org> (cherry picked from commit b666ee510eb480da50476b1bbc84bdf8365df95c)
author: David Lamparter <equinox@opensourcerouting.org> 2025-01-22 11:17:21 +0100
committer: Mergify <37929162+mergify[bot]@users.noreply.github.com> 2025-02-11 08:43:29 +0000
commit: e74b0ca0fcff59cc83799fc39d99800e0e0ee52f (patch)
tree: 0926bfa8ade72568727e5d3f7802035d4bd17a54 /zebra
parent: 9a8ad94ce9f29d078d681aad28d18e29c0ce5ef6 (diff)
1 files changed, 4 insertions, 3 deletions
diff --git a/zebra/zebra_routemap.c b/zebra/zebra_routemap.c
index 73ffa09c16..2813f037a2 100644
--- a/zebra/zebra_routemap.c
+++ b/zebra/zebra_routemap.c
@@ -959,10 +959,11 @@ route_set_src(void *rule, const struct prefix *prefix, void *object)
 /* set src compilation. */
 static void *route_set_src_compile(const char *arg)
 {
-	union g_addr src, *psrc;
+	union g_addr src = {}, *psrc;
 
-	if ((inet_pton(AF_INET6, arg, &src.ipv6) == 1)
-	    || (inet_pton(AF_INET, arg, &src.ipv4) == 1)) {
+	/* IPv4 first, to ensure no garbage in the 12 unused bytes */
+	if ((inet_pton(AF_INET, arg, &src.ipv4) == 1) ||
+	    (inet_pton(AF_INET6, arg, &src.ipv6) == 1)) {
 		psrc = XMALLOC(MTYPE_ROUTE_MAP_COMPILED, sizeof(union g_addr));
 		*psrc = src;
 		return psrc;
author	David Lamparter <equinox@opensourcerouting.org>	2025-01-22 11:17:21 +0100
committer	Mergify <37929162+mergify[bot]@users.noreply.github.com>	2025-02-11 08:43:29 +0000
commit	e74b0ca0fcff59cc83799fc39d99800e0e0ee52f (patch)
tree	0926bfa8ade72568727e5d3f7802035d4bd17a54 /zebra
parent	9a8ad94ce9f29d078d681aad28d18e29c0ce5ef6 (diff)