From d3088e94ec7b8745686af0ca838fd1048b0837a8 Mon Sep 17 00:00:00 2001
From: yedg <yedg@wangsu.com>
Date: Thu, 14 May 2020 10:51:53 +0800
Subject: ip: fix interface ip address del sw_if_index check

Type: fix

Signed-off-by: Ye donggang <yedg@wangsu.com>
Change-Id: Ia9f72ff2be455ecd4ff3d16e884c5a50f9df69fe
(cherry picked from commit dbd366b239c0506b0d9984e7481967e038f10a23)
---
 src/vnet/ip/ip4_forward.c  |  5 ++++-
 src/vnet/ip/ip6_forward.c  |  5 ++++-
 src/vnet/ip/ip_interface.c | 17 +++++++++++++++--
 src/vnet/ip/ip_interface.h |  6 ++++--
 test/test_ip4.py           | 18 ++++++++++++++++++
 test/test_ip6.py           | 18 ++++++++++++++++++
 6 files changed, 63 insertions(+), 6 deletions(-)

diff --git a/src/vnet/ip/ip4_forward.c b/src/vnet/ip/ip4_forward.c
index ea78d550789..4691e27c3e3 100644
--- a/src/vnet/ip/ip4_forward.c
+++ b/src/vnet/ip/ip4_forward.c
@@ -779,7 +779,10 @@ ip4_add_del_interface_address_internal (vlib_main_t * vm,
 	  goto done;
 	}
 
-      ip_interface_address_del (lm, if_address_index, addr_fib);
+      error = ip_interface_address_del (lm, vnm, if_address_index, addr_fib,
+					address_length, sw_if_index);
+      if (error)
+	goto done;
     }
   else
     {
diff --git a/src/vnet/ip/ip6_forward.c b/src/vnet/ip/ip6_forward.c
index 1d6c1b7f105..207d968a650 100644
--- a/src/vnet/ip/ip6_forward.c
+++ b/src/vnet/ip/ip6_forward.c
@@ -428,7 +428,10 @@ ip6_add_del_interface_address (vlib_main_t * vm,
 	  goto done;
 	}
 
-      ip_interface_address_del (lm, if_address_index, addr_fib);
+      error = ip_interface_address_del (lm, vnm, if_address_index, addr_fib,
+					address_length, sw_if_index);
+      if (error)
+	goto done;
     }
   else
     {
diff --git a/src/vnet/ip/ip_interface.c b/src/vnet/ip/ip_interface.c
index 23c3df81638..48c20a6cf34 100644
--- a/src/vnet/ip/ip_interface.c
+++ b/src/vnet/ip/ip_interface.c
@@ -90,14 +90,26 @@ ip_interface_address_add (ip_lookup_main_t * lm,
   return (NULL);
 }
 
-void
+clib_error_t *
 ip_interface_address_del (ip_lookup_main_t * lm,
-			  u32 address_index, void *addr_fib)
+			  vnet_main_t * vnm,
+			  u32 address_index, void *addr_fib,
+			  u32 address_length, u32 sw_if_index)
 {
   ip_interface_address_t *a, *prev, *next;
 
   a = pool_elt_at_index (lm->if_address_pool, address_index);
 
+  if (a->sw_if_index != sw_if_index)
+    {
+      vnm->api_errno = VNET_API_ERROR_ADDRESS_NOT_FOUND_FOR_INTERFACE;
+      return clib_error_create ("%U not found for interface %U",
+				lm->format_address_and_length,
+				addr_fib, address_length,
+				format_vnet_sw_if_index_name,
+				vnet_get_main (), sw_if_index);
+    }
+
   if (a->prev_this_sw_interface != ~0)
     {
       prev = pool_elt_at_index (lm->if_address_pool,
@@ -121,6 +133,7 @@ ip_interface_address_del (ip_lookup_main_t * lm,
   mhash_unset (&lm->address_to_if_address_index, addr_fib,
 	       /* old_value */ 0);
   pool_put (lm->if_address_pool, a);
+  return NULL;
 }
 
 u8
diff --git a/src/vnet/ip/ip_interface.h b/src/vnet/ip/ip_interface.h
index f95b8deb07b..b48eebdbc90 100644
--- a/src/vnet/ip/ip_interface.h
+++ b/src/vnet/ip/ip_interface.h
@@ -28,8 +28,10 @@ clib_error_t *ip_interface_address_add (ip_lookup_main_t * lm,
 					void *address,
 					u32 address_length,
 					u32 * result_index);
-void ip_interface_address_del (ip_lookup_main_t * lm,
-			       u32 addr_index, void *address);
+clib_error_t *ip_interface_address_del (ip_lookup_main_t * lm,
+					vnet_main_t * vnm,
+					u32 addr_index, void *address,
+					u32 address_length, u32 sw_if_index);
 void *ip_interface_get_first_ip (u32 sw_if_index, u8 is_ip4);
 void ip_interface_address_mark (void);
 void ip_interface_address_sweep (void);
diff --git a/test/test_ip4.py b/test/test_ip4.py
index 43804c7c40a..8c6f8c04c0c 100644
--- a/test/test_ip4.py
+++ b/test/test_ip4.py
@@ -411,6 +411,24 @@ class TestIPv4IfAddrRoute(VppTestCase):
         fib4_dump = self.vapi.ip_route_dump(0)
         self.assertTrue(lo_if.is_ip4_entry_in_fib_dump(fib4_dump))
 
+    def test_ipv4_ifaddr_del(self):
+        """ Delete an interface address that does not exist """
+
+        loopbacks = self.create_loopback_interfaces(1)
+        lo = self.lo_interfaces[0]
+
+        lo.config_ip4()
+        lo.admin_up()
+
+        #
+        # try and remove pg0's subnet from lo
+        #
+        with self.vapi.assert_negative_api_retval():
+            self.vapi.sw_interface_add_del_address(
+                sw_if_index=lo.sw_if_index,
+                prefix=self.pg0.local_ip4_prefix,
+                is_add=0)
+
 
 class TestICMPEcho(VppTestCase):
     """ ICMP Echo Test Case """
diff --git a/test/test_ip6.py b/test/test_ip6.py
index 87346c2964f..f8a2dc24e42 100644
--- a/test/test_ip6.py
+++ b/test/test_ip6.py
@@ -1125,6 +1125,24 @@ class TestIPv6IfAddrRoute(VppTestCase):
         self.assertFalse(find_route(self, addr1, 128))
         self.assertFalse(find_route(self, addr2, 128))
 
+    def test_ipv6_ifaddr_del(self):
+        """ Delete an interface address that does not exist """
+
+        loopbacks = self.create_loopback_interfaces(1)
+        lo = self.lo_interfaces[0]
+
+        lo.config_ip6()
+        lo.admin_up()
+
+        #
+        # try and remove pg0's subnet from lo
+        #
+        with self.vapi.assert_negative_api_retval():
+            self.vapi.sw_interface_add_del_address(
+                sw_if_index=lo.sw_if_index,
+                prefix=self.pg0.local_ip6_prefix,
+                is_add=0)
+
 
 class TestICMPv6Echo(VppTestCase):
     """ ICMPv6 Echo Test Case """
-- 
cgit 1.2.3-korg