The bgpctl parser for large communities makes invalid assumptions about
the string passed into parse_largecommunity() and also seems to leak
the memory returned by strdup in the same function.

(gdb) run show rib large-community 1:1
Starting program: /usr/obj/usr.sbin/bgpctl/bgpctl show rib large-community 1:1

Program received signal SIGBUS, Bus error.
getlargecommunity (
    s=0x9940329f0b9b6d6e <Address 0x9940329f0b9b6d6e out of bounds>)
    at /usr/src/usr.sbin/bgpctl/parser.c:1022
1022            if (strcmp(s, "*") == 0)
(gdb) p s
$1 = 0x9940329f0b9b6d6e <Address 0x9940329f0b9b6d6e out of bounds>
(gdb) bt
#0  getlargecommunity (
    s=0x9940329f0b9b6d6e <Address 0x9940329f0b9b6d6e out of bounds>)
    at /usr/src/usr.sbin/bgpctl/parser.c:1022
#1  0x00001f9c2a005895 in parse_largecommunity (word=Variable "word" is not 
available.
)
    at /usr/src/usr.sbin/bgpctl/parser.c:1050
#2  0x00001f9c2a00691d in match_token (argc=0x7f7ffffea24c, 
    argv=0x7f7ffffea240, table=0x1f9c2a217680)
    at /usr/src/usr.sbin/bgpctl/parser.c:599
#3  0x00001f9c2a006d7c in parse (argc=1, argv=0x7f7ffffea6a8)
    at /usr/src/usr.sbin/bgpctl/parser.c:442
#4  0x00001f9c2a00462a in main (argc=4, argv=0x7f7ffffea688)
    at /usr/src/usr.sbin/bgpctl/bgpctl.c:150

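The report points at two defects: the parser trusts the shape of the string handed to parse_largecommunity() (a two-field input like "1:1" ends with getlargecommunity() being called on garbage) and never frees the strdup'd copy. As an added example that is not bgpctl's own code, the following parser insists on exactly three ':'-separated fields before looking at any of them and frees the copy on every return path; the struct layout, the function names and the bit-mask encoding of "*" wildcards are assumptions.

```c
#define _POSIX_C_SOURCE 200809L   /* for strdup() */
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

struct large_community {          /* assumed layout, not bgpctl's */
    uint32_t f[3];                /* GLOBAL:LOCAL1:LOCAL2 */
    int wildcard;                 /* bit i set: field i was "*" */
};

/* One field: "*" (wildcard) or an unsigned 32-bit decimal. 0 on success. */
static int
getlargecommunity(const char *s, uint32_t *out, int *wild)
{
    char *end; unsigned long long v;
    if (strcmp(s, "*") == 0) {
        *out = 0; *wild = 1;
        return 0;
    }
    if (*s == '\0' || *s == '-') return -1;   /* strtoull would accept "-1" */
    errno = 0;
    v = strtoull(s, &end, 10);
    if (errno != 0 || *end != '\0' || v > UINT32_MAX) return -1;
    *out = (uint32_t)v; *wild = 0;
    return 0;
}

/* "A:B:C" -> lc. Returns 0, or -1 for malformed input such as "1:1". */
int
parse_largecommunity(const char *word, struct large_community *lc)
{
    char *copy, *p, *sep, *fld[3];
    int i, w, rc = -1;

    if (word == NULL || (copy = strdup(word)) == NULL) return -1;
    /* Split on ':' and require exactly three fields before using any of them. */
    for (i = 0, p = copy; i < 3; i++) {
        fld[i] = p;
        sep = strchr(p, ':');
        if ((sep == NULL) != (i == 2)) goto out;  /* too few or too many fields */
        if (sep != NULL) { *sep = '\0'; p = sep + 1; }
    }
    lc->wildcard = 0;
    for (i = 0; i < 3; i++) {
        if (getlargecommunity(fld[i], &lc->f[i], &w) == -1) goto out;
        if (w) lc->wildcard |= 1 << i;
    }
    rc = 0;
out:
    free(copy);   /* always release the strdup'd copy, success or failure */
    return rc;
}
```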