45 lines
1.4 KiB
Diff
45 lines
1.4 KiB
Diff
|
From 3fbbb074303ec3dafd97fcdeaa0a292068c23140 Mon Sep 17 00:00:00 2001
|
||
|
|
From: Phil Sutter <psutter@redhat.com>
|
||
|
|
Date: Tue, 21 Feb 2023 19:50:41 +0100
|
||
|
|
Subject: [PATCH] netlink: Fix for potential NULL-pointer deref
|
||
|
|
|
||
|
|
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2211076
|
||
|
|
Upstream Status: nftables commit 927d5674e7bf6
|
||
|
|
|
||
|
|
commit 927d5674e7bf656428f97c54c9171006e8c3c75e
|
||
|
|
Author: Phil Sutter <phil@nwl.cc>
|
||
|
|
Date: Tue Jan 10 22:36:58 2023 +0100
|
||
|
|
|
||
|
|
netlink: Fix for potential NULL-pointer deref
|
||
|
|
|
||
|
|
If memory allocation fails, calloc() returns NULL which was not checked
|
||
|
|
for. The code seems to expect zero array size though, so simply
|
||
|
|
replacing this call by one of the x*calloc() ones won't work. So guard
|
||
|
|
the call also by a check for 'len'.
|
||
|
|
|
||
|
|
Fixes: db0697ce7f602 ("src: support for flowtable listing")
|
||
|
|
Signed-off-by: Phil Sutter <phil@nwl.cc>
|
||
|
|
|
||
|
|
Signed-off-by: Phil Sutter <psutter@redhat.com>
|
||
|
|
---
|
||
|
|
src/netlink.c | 3 ++-
|
||
|
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
||
|
|
|
||
|
|
diff --git a/src/netlink.c b/src/netlink.c
|
||
|
|
index 799cf9b..dee1732 100644
|
||
|
|
--- a/src/netlink.c
|
||
|
|
+++ b/src/netlink.c
|
||
|
|
@@ -1700,7 +1700,8 @@ netlink_delinearize_flowtable(struct netlink_ctx *ctx,
|
||
|
|
while (dev_array[len])
|
||
|
|
len++;
|
||
|
|
|
||
|
|
- flowtable->dev_array = calloc(1, len * sizeof(char *));
|
||
|
|
+ if (len)
|
||
|
|
+ flowtable->dev_array = xmalloc(len * sizeof(char *));
|
||
|
|
for (i = 0; i < len; i++)
|
||
|
|
flowtable->dev_array[i] = xstrdup(dev_array[i]);
|
||
|
|
|
||
|
|
--
|
||
|
|
2.41.0.rc1
|
||
|
|
|