From: Ondrej Zajicek <santiago@crfreenet.org>
Date: Thu, 27 Mar 2025 16:43:56 +0000 (+0100)
Subject: BFD: Fix crash related to reconfiguration and passwords
X-Git-Tag: v3.0.2~3
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=34379ce5a18b89f5fae179d23c2208ec86bd936a;p=thirdparty%2Fbird.git

BFD: Fix crash related to reconfiguration and passwords

Any change in BFD iface configuration should trigger session
reconfiguration, as config is copied into the bfd_session structure
and not just accessed through the bfd_iface structure.

As bfd_session now contains a pointer to the password list allocated
from the configuration, forgetting to update the bfd_session causes
use-after-free.

Thanks to Lexi Winter for the bugreport.
---

diff --git a/proto/bfd/bfd.c b/proto/bfd/bfd.c
index 4997f803a..eba7a0ed5 100644
--- a/proto/bfd/bfd.c
+++ b/proto/bfd/bfd.c
@@ -589,6 +589,8 @@ bfd_reconfigure_sessions(struct deferred_call *dc)
 	  min_tx_int,
 	  idle_tx_int,
 	  multiplier,
+	  auth_type,
+	  passwords,
 	  passive) false; /* terminating the || chain */
 #undef CHK