Segmentation fault caused by malformed BGP packet
Ondrej Zajicek
santiago at crfreenet.org
Tue May 31 17:27:12 CEST 2011
On Tue, May 31, 2011 at 01:34:15PM +0200, Ivo Smits wrote:
> Op 31-5-2011 2:00, Ondrej Zajicek schreef:
>> On Mon, May 30, 2011 at 05:45:20PM +0200, Ivo Smits wrote:
>>> ...
>>> Disabling this peer fixed the crashes, enabling the peer brought them
>>> back. After some investigation, it turned out that this BGP peer sends
>>> an ORIGIN attribute even with BGP packets that only withdraw a route;
>>> bird does not do this. Changing the peer's sourcecode to not send the
>>> ORIGIN attribute for withdrawn routes, fixed the crashes in bird.
>> Thanks for the bugreport. Could you try the attached patch?
>> (But this bug is even in 1.2.3, not sure why it didn't show before.)
> Thanks for the quick fix. We have tested the patch and it appears to
> work - bird no longer crashes.
>
> The 'non-standard' BGP node has been peered with at least bird 1.2.3 and
> 1.2.5, without any problems.
After a second look it is clear that the bug was introduced in 1.3.0.
--
Elen sila lumenn' omentielvo
Ondrej 'SanTiago' Zajicek (email: santiago at crfreenet.org)
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
"To err is human -- to blame it on a computer is even more so."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20110531/a46a8715/attachment-0001.asc>
More information about the Bird-users
mailing list