From 099ef0afd1d3a8f80ee8fd5e9347ce3c013731b0 Mon Sep 17 00:00:00 2001
From: claudio <claudio@openbsd.org>
Date: Wed, 12 Jul 2023 12:31:28 +0000
Subject: [PATCH] In rde_attr_parse() if an attribute causes a parse error
 which results in a treat-as-withdraw consume the full attribute by updating
 plen else the parser will fail parsing a possible next element which results
 in a session reset.

Initial report by Ben Cox (ben at benjojo.co.uk)
OK tb@
---
 usr.sbin/bgpd/rde.c | 14 +++++---------
 1 file changed, 5 insertions(+), 9 deletions(-)

diff --git a/usr.sbin/bgpd/rde.c b/usr.sbin/bgpd/rde.c
index 894e541f5fb..4d249a56611 100644
--- a/usr.sbin/bgpd/rde.c
+++ b/usr.sbin/bgpd/rde.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: rde.c,v 1.606 2023/06/12 12:48:07 claudio Exp $ */
+/*	$OpenBSD: rde.c,v 1.607 2023/07/12 12:31:28 claudio Exp $ */
 
 /*
  * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -2196,7 +2196,7 @@ bad_flags:
 			goto bad_flags;
 		if (peer->conf.ebgp) {
 			/* ignore local-pref attr on non ibgp peers */
-			plen += 4;
+			plen += attr_len;
 			break;
 		}
 		if (a->flags & F_ATTR_LOCALPREF)
@@ -2220,7 +2220,7 @@ bad_flags:
 			 * RFC 7606
 			 */
 			log_peer_warnx(&peer->conf, "bad AGGREGATOR, "
-			    "partial attribute ignored");
+			    "attribute discarded");
 			plen += attr_len;
 			break;
 		}
@@ -2268,7 +2268,6 @@ bad_flags:
 			a->flags |= F_ATTR_PARSE_ERR;
 			log_peer_warnx(&peer->conf, "bad COMMUNITIES, "
 			    "path invalidated and prefix withdrawn");
-			break;
 		}
 		plen += attr_len;
 		break;
@@ -2285,7 +2284,6 @@ bad_flags:
 			a->flags |= F_ATTR_PARSE_ERR;
 			log_peer_warnx(&peer->conf, "bad LARGE COMMUNITIES, "
 			    "path invalidated and prefix withdrawn");
-			break;
 		}
 		plen += attr_len;
 		break;
@@ -2302,7 +2300,6 @@ bad_flags:
 			a->flags |= F_ATTR_PARSE_ERR;
 			log_peer_warnx(&peer->conf, "bad EXT_COMMUNITIES, "
 			    "path invalidated and prefix withdrawn");
-			break;
 		}
 		plen += attr_len;
 		break;
@@ -2349,10 +2346,8 @@ bad_flags:
 	case ATTR_AS4_AGGREGATOR:
 		if (attr_len != 8) {
 			/* see ATTR_AGGREGATOR ... */
-			if ((flags & ATTR_PARTIAL) == 0)
-				goto bad_len;
 			log_peer_warnx(&peer->conf, "bad AS4_AGGREGATOR, "
-			    "partial attribute ignored");
+			    "attribute discarded");
 			plen += attr_len;
 			break;
 		}
@@ -2388,6 +2383,7 @@ bad_flags:
 			a->flags |= F_ATTR_PARSE_ERR;
 			log_peer_warnx(&peer->conf, "bad OTC, "
 			    "path invalidated and prefix withdrawn");
+			plen += attr_len;
 			break;
 		}
 		if (!CHECK_FLAGS(flags, ATTR_OPTIONAL|ATTR_TRANSITIVE,
-- 
2.20.1