From: Benjamin Poirier <bpoirier@nvidia.com>
Date: Mon, 11 Dec 2023 14:07:22 +0000 (-0500)
Subject: bridge: vni: Guard close_vni_port() call
X-Git-Tag: v6.7.0~21
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7418335b4b43de1ed3e9d6f651f5d2cb39f8ee95;p=thirdparty%2Fiproute2.git

bridge: vni: Guard close_vni_port() call

Currently, the call to open_vni_port() within print_vnifilter_rtm() is
written in a way that is safe if there is a RTM_{NEW,DEL,GET}TUNNEL message
without any VXLAN_VNIFILTER_ENTRY attribute. However the close_vni_port()
call is written in a way that assumes there is always at least one
VXLAN_VNIFILTER_ENTRY attribute within every RTM_*TUNNEL message. At this
time, this assumption is correct. However, the code should be consistent in
its assumptions. Choose the safe approach and fix the asymmetry between the
open_vni_port() and close_vni_port() calls by guarding the latter call with
a check.

Reviewed-by: Petr Machata <petrm@nvidia.com>
Tested-by: Petr Machata <petrm@nvidia.com>
Signed-off-by: Benjamin Poirier <bpoirier@nvidia.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
---

diff --git a/bridge/vni.c b/bridge/vni.c
index 8a6ac2458..ca5d2e433 100644
--- a/bridge/vni.c
+++ b/bridge/vni.c
@@ -341,7 +341,9 @@ int print_vnifilter_rtm(struct nlmsghdr *n, void *arg)
 
 		print_vni(t, tmsg->ifindex);
 	}
-	close_vni_port();
+
+	if (!first)
+		close_vni_port();
 
 	print_string(PRINT_FP, NULL, "%s", _SL_);