From: claudio Date: Tue, 10 Oct 2023 14:36:28 +0000 (+0000) Subject: When rewriting community_writebuf() the handling of non-transitive X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=578f8c8857308c1dca3745fe0bae04d8bd0556b8;p=openbsd When rewriting community_writebuf() the handling of non-transitive ext-communities was put into the wrong place in the loop finding start, end and number of communities to dump. As a result the end pointer for regular communities can point at an ext-community and with that the COMMUNITY attribute written includes unexpected extra bytes. This in turn causes the peer to send a NOTIFICATION error and to terminate the session. Fix for -portable issue #64 reported by Pier Carlo Chiodi (pierky) OK tb@ --- diff --git a/usr.sbin/bgpd/rde_community.c b/usr.sbin/bgpd/rde_community.c index d7a8717f475..803a374e8b6 100644 --- a/usr.sbin/bgpd/rde_community.c +++ b/usr.sbin/bgpd/rde_community.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rde_community.c,v 1.13 2023/07/12 14:45:43 claudio Exp $ */ +/* $OpenBSD: rde_community.c,v 1.14 2023/10/10 14:36:28 claudio Exp $ */ /* * Copyright (c) 2019 Claudio Jeker @@ -556,10 +556,9 @@ community_writebuf(struct rde_community *comm, uint8_t type, int ebgp, start = -1; for (l = 0; l < comm->nentries; l++) { cp = &comm->communities[l]; - - if (ebgp && non_transitive_ext_community(cp)) - continue; if ((uint8_t)cp->flags == t) { + if (ebgp && non_transitive_ext_community(cp)) + continue; num++; if (start == -1) start = l;