From 0018a3e54efcf6dfbc08ae307b366ee6c4fb3257 Mon Sep 17 00:00:00 2001 From: Andrew Yourtchenko Date: Wed, 7 Jun 2017 12:30:48 +0200 Subject: [PATCH] acl-plugin: fix coverity error in acl_test.c Attempting to supply within a VAT CLI to add the ACLs a rule count override with no rules to add would result in null pointer dereference as we attempt to copy those rules to the message. Add the check to avoid copy if the source pointer is null (i.e. if there are no rules to copy from). This commit fixes coverity errors 166797 and 166792. Change-Id: Icabe060d961ba07dc41f63b8e17fca12ff82aa29 Signed-off-by: Andrew Yourtchenko --- src/plugins/acl/acl_test.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/plugins/acl/acl_test.c b/src/plugins/acl/acl_test.c index 6154a238ff9..8f6179f8f33 100644 --- a/src/plugins/acl/acl_test.c +++ b/src/plugins/acl/acl_test.c @@ -480,7 +480,7 @@ static int api_acl_add_replace (vat_main_t * vam) memset (mp, 0, msg_size); mp->_vl_msg_id = ntohs (VL_API_ACL_ADD_REPLACE + sm->msg_id_base); mp->client_index = vam->my_client_index; - if (n_rules > 0) + if ((n_rules > 0) && rules) clib_memcpy(mp->r, rules, n_rules*sizeof (vl_api_acl_rule_t)); if (tag) { @@ -934,7 +934,7 @@ static int api_macip_acl_add (vat_main_t * vam) memset (mp, 0, msg_size); mp->_vl_msg_id = ntohs (VL_API_MACIP_ACL_ADD + sm->msg_id_base); mp->client_index = vam->my_client_index; - if (n_rules > 0) + if ((n_rules > 0) && rules) clib_memcpy(mp->r, rules, n_rules*sizeof (mp->r[0])); if (tag) {