proxmox-mirrors/mirror_frr
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_frr synced 2025-07-24 14:56:05 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

zebra: Fix NULL pointer dereference

Browse Source 
The `locator` pointer is dereferenced before ensuring it is not NULL.
Fix the issue by checking that the pointer is not NULL before
dereferencing it.

Fixes 1594013

** CID 1594013:  Null pointer dereferences  (REVERSE_INULL)
/zebra/zebra_srv6.c: 961 in zebra_srv6_sid_compose()

________________________________________________________________________________________________________
*** CID 1594013:  Null pointer dereferences  (REVERSE_INULL)
/zebra/zebra_srv6.c: 961 in zebra_srv6_sid_compose()
955     				   struct srv6_locator *locator,
956     				   uint32_t sid_func)
957     {
958     	uint8_t offset, func_len;
959     	struct srv6_sid_format *format = locator->sid_format;
960
     CID 1594013:  Null pointer dereferences  (REVERSE_INULL)
     Null-checking "locator" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
961     	if (!sid_value || !locator)
962     		return false;
963
964     	if (format) {
965     		offset = format->block_len + format->node_len;
966     		func_len = format->function_len;

Signed-off-by: Carmine Scarpitta <cscarpit@cisco.com>
This commit is contained in:
Carmine Scarpitta 2024-06-21 17:47:46 +02:00
parent 375a02d2a3
commit df97a9d133
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
zebra/zebra_srv6.c
View File

@ -956,11 +956,12 @@ static bool zebra_srv6_sid_compose(struct in6_addr *sid_value,
uint32_t sid_func)
{
uint8_t offset, func_len;
struct srv6_sid_format *format = locator->sid_format;
struct srv6_sid_format *format;
if (!sid_value || !locator)
return false;
format = locator->sid_format;
if (format) {
offset = format->block_len + format->node_len;
func_len = format->function_len;