In rde_attr_parse() if an attribute causes a parse error which results in

a treat-as-withdraw consume the full attribute by updating plen else the
parser will fail parsing a possible next element which results in a
session reset.

Initial report by Ben Cox (ben at benjojo.co.uk)
OK tb@

diff --git a/usr.sbin/bgpd/rde.c b/usr.sbin/bgpd/rde.c
index 894e541..4d249a5 100644 (file)
--- a/usr.sbin/bgpd/rde.c
+++ b/usr.sbin/bgpd/rde.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: rde.c,v 1.606 2023/06/12 12:48:07 claudio Exp $ */
+/*     $OpenBSD: rde.c,v 1.607 2023/07/12 12:31:28 claudio Exp $ */
 
 /*
  * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -2196,7 +2196,7 @@ bad_flags:
                        goto bad_flags;
                if (peer->conf.ebgp) {
                        /* ignore local-pref attr on non ibgp peers */
-                       plen += 4;
+                       plen += attr_len;
                        break;
                }
                if (a->flags & F_ATTR_LOCALPREF)
@@ -2220,7 +2220,7 @@ bad_flags:
                         * RFC 7606
                         */
                        log_peer_warnx(&peer->conf, "bad AGGREGATOR, "
-                           "partial attribute ignored");
+                           "attribute discarded");
                        plen += attr_len;
                        break;
                }
@@ -2268,7 +2268,6 @@ bad_flags:
                        a->flags |= F_ATTR_PARSE_ERR;
                        log_peer_warnx(&peer->conf, "bad COMMUNITIES, "
                            "path invalidated and prefix withdrawn");
-                       break;
                }
                plen += attr_len;
                break;
@@ -2285,7 +2284,6 @@ bad_flags:
                        a->flags |= F_ATTR_PARSE_ERR;
                        log_peer_warnx(&peer->conf, "bad LARGE COMMUNITIES, "
                            "path invalidated and prefix withdrawn");
-                       break;
                }
                plen += attr_len;
                break;
@@ -2302,7 +2300,6 @@ bad_flags:
                        a->flags |= F_ATTR_PARSE_ERR;
                        log_peer_warnx(&peer->conf, "bad EXT_COMMUNITIES, "
                            "path invalidated and prefix withdrawn");
-                       break;
                }
                plen += attr_len;
                break;
@@ -2349,10 +2346,8 @@ bad_flags:
        case ATTR_AS4_AGGREGATOR:
                if (attr_len != 8) {
                        /* see ATTR_AGGREGATOR ... */
-                       if ((flags & ATTR_PARTIAL) == 0)
-                               goto bad_len;
                        log_peer_warnx(&peer->conf, "bad AS4_AGGREGATOR, "
-                           "partial attribute ignored");
+                           "attribute discarded");
                        plen += attr_len;
                        break;
                }
@@ -2388,6 +2383,7 @@ bad_flags:
                        a->flags |= F_ATTR_PARSE_ERR;
                        log_peer_warnx(&peer->conf, "bad OTC, "
                            "path invalidated and prefix withdrawn");
+                       plen += attr_len;
                        break;
                }
                if (!CHECK_FLAGS(flags, ATTR_OPTIONAL|ATTR_TRANSITIVE,