Skip to content

Commit

Permalink
bgpd: Fix SRv6 memory leaks spotted by ASAN
Browse files Browse the repository at this point in the history
Fix a couple of memory leaks spotted by Address Sanitizer:

```

=================================================================
==970960==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 592 byte(s) in 2 object(s) allocated from:
    #0 0xfeb98b28a4b4 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
    #1 0xfeb98ae572f8 in qcalloc lib/memory.c:105
    #2 0xfeb98ae76138 in srv6_locator_chunk_alloc lib/srv6.c:138
    #3 0xb7f3c8508fa0 in ensure_vrf_tovpn_sid_per_vrf bgpd/bgp_mplsvpn.c:831
    #4 0xb7f3c8509494 in ensure_vrf_tovpn_sid bgpd/bgp_mplsvpn.c:866
    #5 0xb7f3c85028a8 in vpn_leak_postchange bgpd/bgp_mplsvpn.h:289
    #6 0xb7f3c851a7c0 in vpn_leak_postchange_all bgpd/bgp_mplsvpn.c:3769
    #7 0xb7f3c86f6ef0 in bgp_zebra_process_srv6_locator_chunk bgpd/bgp_zebra.c:3378
    #8 0xfeb98afa6e14 in zclient_read lib/zclient.c:4608
    #9 0xfeb98af3d684 in event_call lib/event.c:2011
    #10 0xfeb98ae2788c in frr_run lib/libfrr.c:1217
    #11 0xb7f3c83cbf0c in main bgpd/bgp_main.c:545
    #12 0xfeb98a8973f8 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
    #13 0xfeb98a8974c8 in __libc_start_main_impl ../csu/libc-start.c:392
    #14 0xb7f3c83c832c in _start (/usr/lib/frr/bgpd+0x2d832c)

Direct leak of 32 byte(s) in 2 object(s) allocated from:
    #0 0xfeb98b28a4b4 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
    #1 0xfeb98ae572f8 in qcalloc lib/memory.c:105
    #2 0xb7f3c8508fd8 in ensure_vrf_tovpn_sid_per_vrf bgpd/bgp_mplsvpn.c:832
    #3 0xb7f3c8509494 in ensure_vrf_tovpn_sid bgpd/bgp_mplsvpn.c:866
    #4 0xb7f3c85028a8 in vpn_leak_postchange bgpd/bgp_mplsvpn.h:289
    #5 0xb7f3c851a7c0 in vpn_leak_postchange_all bgpd/bgp_mplsvpn.c:3769
    #6 0xb7f3c86f6ef0 in bgp_zebra_process_srv6_locator_chunk bgpd/bgp_zebra.c:3378
    #7 0xfeb98afa6e14 in zclient_read lib/zclient.c:4608
    #8 0xfeb98af3d684 in event_call lib/event.c:2011
    #9 0xfeb98ae2788c in frr_run lib/libfrr.c:1217
    #10 0xb7f3c83cbf0c in main bgpd/bgp_main.c:545
    #11 0xfeb98a8973f8 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
    #12 0xfeb98a8974c8 in __libc_start_main_impl ../csu/libc-start.c:392
    #13 0xb7f3c83c832c in _start (/usr/lib/frr/bgpd+0x2d832c)

Direct leak of 32 byte(s) in 2 object(s) allocated from:
    #0 0xfeb98b28a4b4 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
    #1 0xfeb98ae572f8 in qcalloc lib/memory.c:105
    #2 0xb7f3c8506520 in vpn_leak_zebra_vrf_sid_update_per_vrf bgpd/bgp_mplsvpn.c:439
    #3 0xb7f3c85068d8 in vpn_leak_zebra_vrf_sid_update bgpd/bgp_mplsvpn.c:459
    #4 0xb7f3c86f6aec in bgp_ifp_create bgpd/bgp_zebra.c:3345
    #5 0xfeb98adfd3f8 in hook_call_if_real lib/if.c:48
    #6 0xfeb98adfe750 in if_new_via_zapi lib/if.c:181
    #7 0xfeb98af98084 in zclient_interface_add lib/zclient.c:2592
    #8 0xfeb98afa6d24 in zclient_read lib/zclient.c:4606
    #9 0xfeb98af3d684 in event_call lib/event.c:2011
    #10 0xfeb98ae2788c in frr_run lib/libfrr.c:1217
    #11 0xb7f3c83cbf0c in main bgpd/bgp_main.c:545
    #12 0xfeb98a8973f8 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
    #13 0xfeb98a8974c8 in __libc_start_main_impl ../csu/libc-start.c:392
    #14 0xb7f3c83c832c in _start (/usr/lib/frr/bgpd+0x2d832c)

SUMMARY: AddressSanitizer: 656 byte(s) leaked in 6 allocation(s).

```

Signed-off-by: Carmine Scarpitta <cscarpit@cisco.com>
(cherry picked from commit 65e0111)
  • Loading branch information
cscarpitta authored and mergify[bot] committed May 9, 2024
1 parent fb66adb commit 4bf7c81
Showing 1 changed file with 9 additions and 0 deletions.
9 changes: 9 additions & 0 deletions bgpd/bgpd.c
Original file line number Diff line number Diff line change
Expand Up @@ -1473,6 +1473,15 @@ static void bgp_srv6_init(struct bgp *bgp)

static void bgp_srv6_cleanup(struct bgp *bgp)
{
if (bgp->tovpn_sid_locator != NULL)
srv6_locator_chunk_free(&bgp->tovpn_sid_locator);
if (bgp->tovpn_zebra_vrf_sid_last_sent != NULL)
XFREE(MTYPE_BGP_SRV6_SID, bgp->tovpn_zebra_vrf_sid_last_sent);
if (bgp->tovpn_sid != NULL) {
sid_unregister(bgp, bgp->tovpn_sid);
XFREE(MTYPE_BGP_SRV6_SID, bgp->tovpn_sid);
}

if (bgp->srv6_locator_chunks)
list_delete(&bgp->srv6_locator_chunks);
if (bgp->srv6_functions)
Expand Down

0 comments on commit 4bf7c81

Please sign in to comment.