From 8bb864ad6586da7767cf4b90b75e62cd7324859d Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Tue, 21 Feb 2023 19:50:41 +0100 Subject: [PATCH] netlink: Fix for potential NULL-pointer deref Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2160049 Upstream Status: nftables commit 927d5674e7bf6 commit 927d5674e7bf656428f97c54c9171006e8c3c75e Author: Phil Sutter Date: Tue Jan 10 22:36:58 2023 +0100 netlink: Fix for potential NULL-pointer deref If memory allocation fails, calloc() returns NULL which was not checked for. The code seems to expect zero array size though, so simply replacing this call by one of the x*calloc() ones won't work. So guard the call also by a check for 'len'. Fixes: db0697ce7f602 ("src: support for flowtable listing") Signed-off-by: Phil Sutter Signed-off-by: Phil Sutter --- src/netlink.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/netlink.c b/src/netlink.c index 799cf9b..dee1732 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -1700,7 +1700,8 @@ netlink_delinearize_flowtable(struct netlink_ctx *ctx, while (dev_array[len]) len++; - flowtable->dev_array = calloc(1, len * sizeof(char *)); + if (len) + flowtable->dev_array = xmalloc(len * sizeof(char *)); for (i = 0; i < len; i++) flowtable->dev_array[i] = xstrdup(dev_array[i]); -- 2.39.2