netlink: Fix for potential NULL-pointer deref

commit 927d5674e7bf656428f97c54c9171006e8c3c75e upstream. If memory allocation fails, calloc() returns NULL which was not checked for. The code seems to expect zero array size though, so simply replacing this call by one of the x*calloc() ones won't work. So guard the call also by a check for 'len'. Fixes: db0697ce7f602 ("src: support for flowtable listing") Signed-off-by: Phil Sutter <phil@nwl.cc>
author: Phil Sutter <phil@nwl.cc> 2023-01-10 22:36:58 +0100
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2023-11-02 11:56:18 +0100
commit: b694dbdee37c623456f90f202244c6b3e48b70ab (patch)
tree: 2e3d72eeb17394ee00e0249cbd2bfcefcd91042a /src/netlink.c
parent: 6c27573f57f66043c86ec576422645bb2e1a7769 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/src/netlink.c b/src/netlink.c
index efbc6565..5130f6c4 100644
--- a/src/netlink.c
+++ b/src/netlink.c
@@ -1790,7 +1790,8 @@ netlink_delinearize_flowtable(struct netlink_ctx *ctx,
 	while (dev_array[len])
 		len++;
 
-	flowtable->dev_array = calloc(1, len * sizeof(char *));
+	if (len)
+		flowtable->dev_array = xmalloc(len * sizeof(char *));
 	for (i = 0; i < len; i++)
 		flowtable->dev_array[i] = xstrdup(dev_array[i]);
author	Phil Sutter <phil@nwl.cc>	2023-01-10 22:36:58 +0100
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2023-11-02 11:56:18 +0100
commit	b694dbdee37c623456f90f202244c6b3e48b70ab (patch)
tree	2e3d72eeb17394ee00e0249cbd2bfcefcd91042a /src/netlink.c
parent	6c27573f57f66043c86ec576422645bb2e1a7769 (diff)