Skip to content

Commit

Permalink
bgpd:aspath leak fix
Browse files Browse the repository at this point in the history
The function aspath_remove_private_asns was using an aspath to perform some operation and didnt free it after usage leading to the leak below.

***********************************************************************************
Address Sanitizer Error detected in bgp_remove_private_as_route_map.test_bgp_remove_private_as_route_map/r2.asan.bgpd.27074

=================================================================
==27074==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 80 byte(s) in 2 object(s) allocated from:
    #0 0x7fd0a4b95d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    FRRouting#1 0x7fd0a45932ff in qcalloc lib/memory.c:105
    FRRouting#2 0x562b630b44cc in aspath_dup bgpd/bgp_aspath.c:689
    FRRouting#3 0x562b62f48498 in route_set_aspath_prepend bgpd/bgp_routemap.c:2283
    FRRouting#4 0x7fd0a45ec39a in route_map_apply_ext lib/routemap.c:2690
    FRRouting#5 0x562b62efbb1f in subgroup_announce_check bgpd/bgp_route.c:2434
    FRRouting#6 0x562b62efd4e2 in subgroup_process_announce_selected bgpd/bgp_route.c:2990
    FRRouting#7 0x562b62f6a829 in subgroup_announce_table bgpd/bgp_updgrp_adv.c:765
    FRRouting#8 0x562b62f6acbb in subgroup_announce_route bgpd/bgp_updgrp_adv.c:818
    FRRouting#9 0x562b62f6ae90 in subgroup_coalesce_timer bgpd/bgp_updgrp_adv.c:368
    FRRouting#10 0x7fd0a463322a in event_call lib/event.c:1970
    FRRouting#11 0x7fd0a4576566 in frr_run lib/libfrr.c:1214
    FRRouting#12 0x562b62dbd8f1 in main bgpd/bgp_main.c:510
    FRRouting#13 0x7fd0a35b8c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Direct leak of 80 byte(s) in 2 object(s) allocated from:
    #0 0x7fd0a4b95d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    FRRouting#1 0x7fd0a45932ff in qcalloc lib/memory.c:105
    FRRouting#2 0x562b630b44cc in aspath_dup bgpd/bgp_aspath.c:689
    FRRouting#3 0x562b62f48498 in route_set_aspath_prepend bgpd/bgp_routemap.c:2283
    FRRouting#4 0x7fd0a45ec39a in route_map_apply_ext lib/routemap.c:2690
    FRRouting#5 0x562b62efbb1f in subgroup_announce_check bgpd/bgp_route.c:2434
    FRRouting#6 0x562b62efd4e2 in subgroup_process_announce_selected bgpd/bgp_route.c:2990
    FRRouting#7 0x562b62f6a829 in subgroup_announce_table bgpd/bgp_updgrp_adv.c:765
    FRRouting#8 0x562b62f6acbb in subgroup_announce_route bgpd/bgp_updgrp_adv.c:818
    FRRouting#9 0x562b62f5b844 in updgrp_policy_update_walkcb bgpd/bgp_updgrp.c:1685
    FRRouting#10 0x562b62f59442 in update_group_walkcb bgpd/bgp_updgrp.c:1721
    FRRouting#11 0x7fd0a455a7aa in hash_walk lib/hash.c:270
    FRRouting#12 0x562b62f64a48 in update_group_af_walk bgpd/bgp_updgrp.c:2062
    FRRouting#13 0x562b62f6508c in update_group_walk bgpd/bgp_updgrp.c:2071
    FRRouting#14 0x562b62f6520c in update_group_policy_update bgpd/bgp_updgrp.c:1769
    FRRouting#15 0x562b62f4c2be in bgp_route_map_process_update bgpd/bgp_routemap.c:4501
    FRRouting#16 0x562b62f4d81a in bgp_route_map_process_update_cb bgpd/bgp_routemap.c:4683
    FRRouting#17 0x7fd0a45ed7e8 in route_map_walk_update_list lib/routemap.c:870
    FRRouting#18 0x562b62f337a2 in bgp_route_map_update_timer bgpd/bgp_routemap.c:4695
    FRRouting#19 0x7fd0a463322a in event_call lib/event.c:1970
    FRRouting#20 0x7fd0a4576566 in frr_run lib/libfrr.c:1214
    FRRouting#21 0x562b62dbd8f1 in main bgpd/bgp_main.c:510
    FRRouting#22 0x7fd0a35b8c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 64 byte(s) in 2 object(s) allocated from:
    #0 0x7fd0a4b95b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
    FRRouting#1 0x7fd0a459301f in qmalloc lib/memory.c:100
    FRRouting#2 0x562b630b313f in aspath_make_str_count bgpd/bgp_aspath.c:551
    FRRouting#3 0x562b630b3ecf in aspath_str_update bgpd/bgp_aspath.c:659
    FRRouting#4 0x562b630b88b7 in aspath_prepend bgpd/bgp_aspath.c:1484
    FRRouting#5 0x562b62f484a8 in route_set_aspath_prepend bgpd/bgp_routemap.c:2289
    FRRouting#6 0x7fd0a45ec39a in route_map_apply_ext lib/routemap.c:2690
    FRRouting#7 0x562b62efbb1f in subgroup_announce_check bgpd/bgp_route.c:2434
    FRRouting#8 0x562b62efd4e2 in subgroup_process_announce_selected bgpd/bgp_route.c:2990
    FRRouting#9 0x562b62f6a829 in subgroup_announce_table bgpd/bgp_updgrp_adv.c:765
    FRRouting#10 0x562b62f6acbb in subgroup_announce_route bgpd/bgp_updgrp_adv.c:818
    FRRouting#11 0x562b62f6ae90 in subgroup_coalesce_timer bgpd/bgp_updgrp_adv.c:368
    FRRouting#12 0x7fd0a463322a in event_call lib/event.c:1970
    FRRouting#13 0x7fd0a4576566 in frr_run lib/libfrr.c:1214
    FRRouting#14 0x562b62dbd8f1 in main bgpd/bgp_main.c:510
    FRRouting#15 0x7fd0a35b8c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 64 byte(s) in 2 object(s) allocated from:
    #0 0x7fd0a4b95b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
    FRRouting#1 0x7fd0a459301f in qmalloc lib/memory.c:100
    FRRouting#2 0x562b630b313f in aspath_make_str_count bgpd/bgp_aspath.c:551
    FRRouting#3 0x562b630b3ecf in aspath_str_update bgpd/bgp_aspath.c:659
    FRRouting#4 0x562b630b88b7 in aspath_prepend bgpd/bgp_aspath.c:1484
    FRRouting#5 0x562b62f484a8 in route_set_aspath_prepend bgpd/bgp_routemap.c:2289
    FRRouting#6 0x7fd0a45ec39a in route_map_apply_ext lib/routemap.c:2690
    FRRouting#7 0x562b62efbb1f in subgroup_announce_check bgpd/bgp_route.c:2434
    FRRouting#8 0x562b62efd4e2 in subgroup_process_announce_selected bgpd/bgp_route.c:2990
    FRRouting#9 0x562b62f6a829 in subgroup_announce_table bgpd/bgp_updgrp_adv.c:765
    FRRouting#10 0x562b62f6acbb in subgroup_announce_route bgpd/bgp_updgrp_adv.c:818
    FRRouting#11 0x562b62f5b844 in updgrp_policy_update_walkcb bgpd/bgp_updgrp.c:1685
    FRRouting#12 0x562b62f59442 in update_group_walkcb bgpd/bgp_updgrp.c:1721
    FRRouting#13 0x7fd0a455a7aa in hash_walk lib/hash.c:270
    FRRouting#14 0x562b62f64a48 in update_group_af_walk bgpd/bgp_updgrp.c:2062
    FRRouting#15 0x562b62f6508c in update_group_walk bgpd/bgp_updgrp.c:2071
    FRRouting#16 0x562b62f6520c in update_group_policy_update bgpd/bgp_updgrp.c:1769
    FRRouting#17 0x562b62f4c2be in bgp_route_map_process_update bgpd/bgp_routemap.c:4501
    FRRouting#18 0x562b62f4d81a in bgp_route_map_process_update_cb bgpd/bgp_routemap.c:4683
    FRRouting#19 0x7fd0a45ed7e8 in route_map_walk_update_list lib/routemap.c:870
    FRRouting#20 0x562b62f337a2 in bgp_route_map_update_timer bgpd/bgp_routemap.c:4695
    FRRouting#21 0x7fd0a463322a in event_call lib/event.c:1970
    FRRouting#22 0x7fd0a4576566 in frr_run lib/libfrr.c:1214
    FRRouting#23 0x562b62dbd8f1 in main bgpd/bgp_main.c:510
    FRRouting#24 0x7fd0a35b8c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 48 byte(s) in 2 object(s) allocated from:
    #0 0x7fd0a4b95d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    FRRouting#1 0x7fd0a45932ff in qcalloc lib/memory.c:105
    FRRouting#2 0x562b630b280d in assegment_new bgpd/bgp_aspath.c:105
    FRRouting#3 0x562b630b28f7 in assegment_dup bgpd/bgp_aspath.c:145
    FRRouting#4 0x562b630b29e8 in assegment_dup_all bgpd/bgp_aspath.c:162
    FRRouting#5 0x562b630b8895 in aspath_prepend bgpd/bgp_aspath.c:1483
    FRRouting#6 0x562b62f484a8 in route_set_aspath_prepend bgpd/bgp_routemap.c:2289
    FRRouting#7 0x7fd0a45ec39a in route_map_apply_ext lib/routemap.c:2690
    FRRouting#8 0x562b62efbb1f in subgroup_announce_check bgpd/bgp_route.c:2434
    FRRouting#9 0x562b62efd4e2 in subgroup_process_announce_selected bgpd/bgp_route.c:2990
    FRRouting#10 0x562b62f6a829 in subgroup_announce_table bgpd/bgp_updgrp_adv.c:765
    FRRouting#11 0x562b62f6acbb in subgroup_announce_route bgpd/bgp_updgrp_adv.c:818
    FRRouting#12 0x562b62f5b844 in updgrp_policy_update_walkcb bgpd/bgp_updgrp.c:1685
    FRRouting#13 0x562b62f59442 in update_group_walkcb bgpd/bgp_updgrp.c:1721
    FRRouting#14 0x7fd0a455a7aa in hash_walk lib/hash.c:270
    FRRouting#15 0x562b62f64a48 in update_group_af_walk bgpd/bgp_updgrp.c:2062
    FRRouting#16 0x562b62f6508c in update_group_walk bgpd/bgp_updgrp.c:2071
    FRRouting#17 0x562b62f6520c in update_group_policy_update bgpd/bgp_updgrp.c:1769
    FRRouting#18 0x562b62f4c2be in bgp_route_map_process_update bgpd/bgp_routemap.c:4501
    FRRouting#19 0x562b62f4d81a in bgp_route_map_process_update_cb bgpd/bgp_routemap.c:4683
    FRRouting#20 0x7fd0a45ed7e8 in route_map_walk_update_list lib/routemap.c:870
    FRRouting#21 0x562b62f337a2 in bgp_route_map_update_timer bgpd/bgp_routemap.c:4695
    FRRouting#22 0x7fd0a463322a in event_call lib/event.c:1970
    FRRouting#23 0x7fd0a4576566 in frr_run lib/libfrr.c:1214
    FRRouting#24 0x562b62dbd8f1 in main bgpd/bgp_main.c:510
    FRRouting#25 0x7fd0a35b8c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 48 byte(s) in 2 object(s) allocated from:
    #0 0x7fd0a4b95d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    FRRouting#1 0x7fd0a45932ff in qcalloc lib/memory.c:105
    FRRouting#2 0x562b630b280d in assegment_new bgpd/bgp_aspath.c:105
    FRRouting#3 0x562b630b28f7 in assegment_dup bgpd/bgp_aspath.c:145
    FRRouting#4 0x562b630b29e8 in assegment_dup_all bgpd/bgp_aspath.c:162
    FRRouting#5 0x562b630b8895 in aspath_prepend bgpd/bgp_aspath.c:1483
    FRRouting#6 0x562b62f484a8 in route_set_aspath_prepend bgpd/bgp_routemap.c:2289
    FRRouting#7 0x7fd0a45ec39a in route_map_apply_ext lib/routemap.c:2690
    FRRouting#8 0x562b62efbb1f in subgroup_announce_check bgpd/bgp_route.c:2434
    FRRouting#9 0x562b62efd4e2 in subgroup_process_announce_selected bgpd/bgp_route.c:2990
    FRRouting#10 0x562b62f6a829 in subgroup_announce_table bgpd/bgp_updgrp_adv.c:765
    FRRouting#11 0x562b62f6acbb in subgroup_announce_route bgpd/bgp_updgrp_adv.c:818
    FRRouting#12 0x562b62f6ae90 in subgroup_coalesce_timer bgpd/bgp_updgrp_adv.c:368
    FRRouting#13 0x7fd0a463322a in event_call lib/event.c:1970
    FRRouting#14 0x7fd0a4576566 in frr_run lib/libfrr.c:1214
    FRRouting#15 0x562b62dbd8f1 in main bgpd/bgp_main.c:510
    FRRouting#16 0x7fd0a35b8c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 16 byte(s) in 2 object(s) allocated from:
    #0 0x7fd0a4b95b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
    FRRouting#1 0x7fd0a459301f in qmalloc lib/memory.c:100
    FRRouting#2 0x562b630b2879 in assegment_data_new bgpd/bgp_aspath.c:83
    FRRouting#3 0x562b630b2879 in assegment_new bgpd/bgp_aspath.c:108
    FRRouting#4 0x562b630b28f7 in assegment_dup bgpd/bgp_aspath.c:145
    FRRouting#5 0x562b630b29e8 in assegment_dup_all bgpd/bgp_aspath.c:162
    FRRouting#6 0x562b630b8895 in aspath_prepend bgpd/bgp_aspath.c:1483
    FRRouting#7 0x562b62f484a8 in route_set_aspath_prepend bgpd/bgp_routemap.c:2289
    FRRouting#8 0x7fd0a45ec39a in route_map_apply_ext lib/routemap.c:2690
    FRRouting#9 0x562b62efbb1f in subgroup_announce_check bgpd/bgp_route.c:2434
    FRRouting#10 0x562b62efd4e2 in subgroup_process_announce_selected bgpd/bgp_route.c:2990
    FRRouting#11 0x562b62f6a829 in subgroup_announce_table bgpd/bgp_updgrp_adv.c:765
    FRRouting#12 0x562b62f6acbb in subgroup_announce_route bgpd/bgp_updgrp_adv.c:818
    FRRouting#13 0x562b62f6ae90 in subgroup_coalesce_timer bgpd/bgp_updgrp_adv.c:368
    FRRouting#14 0x7fd0a463322a in event_call lib/event.c:1970
    FRRouting#15 0x7fd0a4576566 in frr_run lib/libfrr.c:1214
    FRRouting#16 0x562b62dbd8f1 in main bgpd/bgp_main.c:510
    FRRouting#17 0x7fd0a35b8c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 16 byte(s) in 2 object(s) allocated from:
    #0 0x7fd0a4b95b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
    FRRouting#1 0x7fd0a459301f in qmalloc lib/memory.c:100
    FRRouting#2 0x562b630b2879 in assegment_data_new bgpd/bgp_aspath.c:83
    FRRouting#3 0x562b630b2879 in assegment_new bgpd/bgp_aspath.c:108
    FRRouting#4 0x562b630b28f7 in assegment_dup bgpd/bgp_aspath.c:145
    FRRouting#5 0x562b630b29e8 in assegment_dup_all bgpd/bgp_aspath.c:162
    FRRouting#6 0x562b630b8895 in aspath_prepend bgpd/bgp_aspath.c:1483
    FRRouting#7 0x562b62f484a8 in route_set_aspath_prepend bgpd/bgp_routemap.c:2289
    FRRouting#8 0x7fd0a45ec39a in route_map_apply_ext lib/routemap.c:2690
    FRRouting#9 0x562b62efbb1f in subgroup_announce_check bgpd/bgp_route.c:2434
    FRRouting#10 0x562b62efd4e2 in subgroup_process_announce_selected bgpd/bgp_route.c:2990
    FRRouting#11 0x562b62f6a829 in subgroup_announce_table bgpd/bgp_updgrp_adv.c:765
    FRRouting#12 0x562b62f6acbb in subgroup_announce_route bgpd/bgp_updgrp_adv.c:818
    FRRouting#13 0x562b62f5b844 in updgrp_policy_update_walkcb bgpd/bgp_updgrp.c:1685
    FRRouting#14 0x562b62f59442 in update_group_walkcb bgpd/bgp_updgrp.c:1721
    FRRouting#15 0x7fd0a455a7aa in hash_walk lib/hash.c:270
    FRRouting#16 0x562b62f64a48 in update_group_af_walk bgpd/bgp_updgrp.c:2062
    FRRouting#17 0x562b62f6508c in update_group_walk bgpd/bgp_updgrp.c:2071
    FRRouting#18 0x562b62f6520c in update_group_policy_update bgpd/bgp_updgrp.c:1769
    FRRouting#19 0x562b62f4c2be in bgp_route_map_process_update bgpd/bgp_routemap.c:4501
    FRRouting#20 0x562b62f4d81a in bgp_route_map_process_update_cb bgpd/bgp_routemap.c:4683
    FRRouting#21 0x7fd0a45ed7e8 in route_map_walk_update_list lib/routemap.c:870
    FRRouting#22 0x562b62f337a2 in bgp_route_map_update_timer bgpd/bgp_routemap.c:4695
    FRRouting#23 0x7fd0a463322a in event_call lib/event.c:1970
    FRRouting#24 0x7fd0a4576566 in frr_run lib/libfrr.c:1214
    FRRouting#25 0x562b62dbd8f1 in main bgpd/bgp_main.c:510
    FRRouting#26 0x7fd0a35b8c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

SUMMARY: AddressSanitizer: 416 byte(s) leaked in 16 allocation(s).
***********************************************************************************

Signed-off-by: ryndia <dindyalsarvesh@gmail.com>
  • Loading branch information
ryndia committed Nov 10, 2023
1 parent 448f75e commit d4417ea
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion bgpd/bgp_aspath.c
Original file line number Diff line number Diff line change
Expand Up @@ -1407,7 +1407,8 @@ struct aspath *aspath_remove_private_asns(struct aspath *aspath, as_t peer_asn)
last_new_seg = new_seg;
seg = seg->next;
}

if(!aspath->refcnt)
aspath_free(aspath);
aspath_str_update(new, false);
return new;
}
Expand Down

0 comments on commit d4417ea

Please sign in to comment.