git: a618bb0f676c - stable/12 - pf: counter argument to pfr_pool_get() may never be NULL
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 27 Apr 2022 12:50:31 UTC
The branch stable/12 has been updated by kp:
URL: https://cgit.FreeBSD.org/src/commit/?id=a618bb0f676cca4f7e0898b0848acf8e88813c03
commit a618bb0f676cca4f7e0898b0848acf8e88813c03
Author: Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2022-04-21 12:53:05 +0000
Commit: Kristof Provost <kp@FreeBSD.org>
CommitDate: 2022-04-27 06:49:28 +0000
pf: counter argument to pfr_pool_get() may never be NULL
Coverity points out that if counter was NULL when passed to
pfr_pool_get() we could potentially end up dereferencing it.
Happily all users of the function pass a non-NULL pointer. Enforce this
by assertion and remove the pointless NULL check.
Reported by: Coverity (CID 273309)
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
(cherry picked from commit efc64d02a62f3254ecc0b22fcbcb8f73a079669f)
---
sys/netpfil/pf/pf_table.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/sys/netpfil/pf/pf_table.c b/sys/netpfil/pf/pf_table.c
index 0012d0f864c4..8e6ac382318d 100644
--- a/sys/netpfil/pf/pf_table.c
+++ b/sys/netpfil/pf/pf_table.c
@@ -2211,6 +2211,7 @@ pfr_pool_get(struct pfr_ktable *kt, int *pidx, struct pf_addr *counter,
int idx = -1, use_counter = 0;
MPASS(pidx != NULL);
+ MPASS(counter != NULL);
switch (af) {
case AF_INET:
@@ -2230,7 +2231,7 @@ pfr_pool_get(struct pfr_ktable *kt, int *pidx, struct pf_addr *counter,
return (-1);
idx = *pidx;
- if (counter != NULL && idx >= 0)
+ if (idx >= 0)
use_counter = 1;
if (idx < 0)
idx = 0;