From 927d5674e7bf656428f97c54c9171006e8c3c75e Mon Sep 17 00:00:00 2001
From: Phil Sutter <phil@nwl.cc>
Date: Tue, 10 Jan 2023 22:36:58 +0100
Subject: netlink: Fix for potential NULL-pointer deref

If memory allocation fails, calloc() returns NULL which was not checked
for. The code seems to expect zero array size though, so simply
replacing this call by one of the x*calloc() ones won't work. So guard
the call also by a check for 'len'.

Fixes: db0697ce7f602 ("src: support for flowtable listing")
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
 src/netlink.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'src/netlink.c')

diff --git a/src/netlink.c b/src/netlink.c
index 51de9c9c..efae1251 100644
--- a/src/netlink.c
+++ b/src/netlink.c
@@ -1790,7 +1790,8 @@ netlink_delinearize_flowtable(struct netlink_ctx *ctx,
 	while (dev_array[len])
 		len++;
 
-	flowtable->dev_array = calloc(1, len * sizeof(char *));
+	if (len)
+		flowtable->dev_array = xmalloc(len * sizeof(char *));
 	for (i = 0; i < len; i++)
 		flowtable->dev_array[i] = xstrdup(dev_array[i]);
 
-- 
cgit v1.2.3