From nobody Tue Oct 24 09:34:03 2023 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SF6MJ172dz4xnKl; Tue, 24 Oct 2023 09:34:04 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4SF6MJ0SHDz3c3b; Tue, 24 Oct 2023 09:34:04 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1698140044; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=jvmK0mHsKeByZbRkkVfwKTZiU8yoloaxWIyGnGB0OjA=; b=BD1wz0qV4EahfxmaT0ROQoL63rROMXvI35TbF0rp3w6lTzsHY20VCDINRVVMVNGJdsLxMC Pa+0YysM3JVmwtqCvs5b4P8djrKRBMmesJg1NvXg193RgqMYUY0a8CXidtVyYCfm1eSliE BFsjZb7XZhhJDusuuyaRqnQYO4a7jYpamwMUQaOFOVKIMP93LQaHwzFZrJphQiuM2YRjhH oujuVMjDmNz/Bc3qknxdYdW0aIzaKBiF/RjMKjYJmCak0o6Wg2qCOgNGvicMEQxcR01nFE kC6f15/0Vu+uc5BQ4tvgGZk1T2dsBpeik/xnTgn5VTygS84aNfLofgR6D2EHdQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1698140044; a=rsa-sha256; cv=none; b=lMwzLPAXs0KO2ZdyVvnPNG9xG9tJ5NRdp3wTcr8Fp2rD7hIgGHC5SLKg/RUXniSMMKDn2N mnDzxJLeyAUbrDlyFzhOi++9a1uMbJK8BxjChK29Xr7Sg9qd7F5eY3Flej1Lnahh0xasFo 7XmkwdGw+xYf9ZkMwzr2M4X2d377ZzavETHdfZpUhUS5708BS1Hh/K63CWQToDekj2dI+n sLFK3DtmOfPY85NY8dZlyzjbtz/EpbqzFneTX+W6FHnZxzZJd2YX+JETRtQ7ylZzqPSShM /ZIFFLC/TS29LHhcB7PGhqFuZq9sykndXflQTzECj50I146sw32HIDomlKNJww== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1698140044; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=jvmK0mHsKeByZbRkkVfwKTZiU8yoloaxWIyGnGB0OjA=; b=D6owxhN8n33m9nhPzKcyhUIEm0Lts2Z79v55VF7ebJqFBWBApMPEA5kIWWrmHisaytsJVL x5EI6mUDuL6TqQu71ZiZ67Pn+JVoRvfOqZqyZUyl/TblO4jWKv2Qy5D3ORDqsutTEMSgU2 dNil71LssZPhRvKCLDwb2W2qHh9og375T1hzneHoxdgXJT2KTdT0X4cB+EieGbCMOosilj gMZCprjaCESLsuzyhrtd87NIdx+AZco/1+aUJHsmSue8Zh2bfnGrPfjUr168Kw2ESs7WtB T3jq+H+Kqt5Uv6KnQBNcOH4SJCIIm2SO3ckNGYvNoGItoyn0t1DGkSupnlXqNg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4SF6MH6KDMz38J; Tue, 24 Oct 2023 09:34:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 39O9Y37g086246; Tue, 24 Oct 2023 09:34:03 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 39O9Y3kV086243; Tue, 24 Oct 2023 09:34:03 GMT (envelope-from git) Date: Tue, 24 Oct 2023 09:34:03 GMT Message-Id: <202310240934.39O9Y3kV086243@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Kristof Provost Subject: git: 4abc3b482e0d - main - libpfctl: fix Coverity issues List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-main@freebsd.org X-BeenThere: dev-commits-src-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 4abc3b482e0d246cd3518622223795c8de102130 Auto-Submitted: auto-generated The branch main has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=4abc3b482e0d246cd3518622223795c8de102130 commit 4abc3b482e0d246cd3518622223795c8de102130 Author: Kristof Provost AuthorDate: 2023-10-23 11:46:11 +0000 Commit: Kristof Provost CommitDate: 2023-10-24 07:50:47 +0000 libpfctl: fix Coverity issues - handle snl_finalize_msg() returning NULL - insert the correct data into the states list - add missing nvlist_destroy() - incorrect order for array bounds Coverity: 1522929, 1522925, 1522923, 1522921, 1522780, 1522770, 1522764, 1487785, 1471250 Reviewed by: emaste MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D42330 --- lib/libpfctl/libpfctl.c | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/lib/libpfctl/libpfctl.c b/lib/libpfctl/libpfctl.c index 22b0471e2912..335aeb8e2c8c 100644 --- a/lib/libpfctl/libpfctl.c +++ b/lib/libpfctl/libpfctl.c @@ -196,6 +196,8 @@ pfctl_startstop(int start) start ? PFNL_CMD_START : PFNL_CMD_STOP); hdr = snl_finalize_msg(&nw); + if (hdr == NULL) + return (ENOMEM); seq_id = hdr->nlmsg_seq; snl_send_message(&ss, hdr); @@ -730,6 +732,8 @@ pfctl_get_eth_ruleset(int dev, const char *path, int nr, strlcpy(ri->name, nvlist_get_string(nvl, "name"), PF_ANCHOR_NAME_SIZE); + nvlist_destroy(nvl); + return (0); } @@ -828,8 +832,8 @@ pfctl_add_eth_rule(int dev, const struct pfctl_eth_rule *r, const char *anchor, pfctl_nv_add_rule_addr(nvl, "ipdst", &r->ipdst); labelcount = 0; - while (r->label[labelcount][0] != 0 && - labelcount < PF_RULE_MAX_LABEL_COUNT) { + while (labelcount < PF_RULE_MAX_LABEL_COUNT && + r->label[labelcount][0] != 0) { nvlist_append_string_array(nvl, "labels", r->label[labelcount]); labelcount++; @@ -1208,6 +1212,8 @@ pfctl_get_creators_nl(struct snl_state *ss, uint32_t *creators, size_t *len) hdr = snl_create_genl_msg_request(&nw, family_id, PFNL_CMD_GETCREATORS); hdr->nlmsg_flags |= NLM_F_DUMP; hdr = snl_finalize_msg(&nw); + if (hdr == NULL) + return (ENOMEM); uint32_t seq_id = hdr->nlmsg_seq; snl_send_message(ss, hdr); @@ -1362,6 +1368,8 @@ pfctl_get_states_nl(struct pfctl_state_filter *filter, struct snl_state *ss, pfc snl_add_msg_attr_ip6(&nw, PF_ST_FILTER_MASK, &filter->mask.v6); hdr = snl_finalize_msg(&nw); + if (hdr == NULL) + return (ENOMEM); uint32_t seq_id = hdr->nlmsg_seq; @@ -1417,7 +1425,7 @@ pfctl_append_states(struct pfctl_state *s, void *arg) memcpy(new, s, sizeof(*s)); - TAILQ_INSERT_TAIL(&states->states, s, entry); + TAILQ_INSERT_TAIL(&states->states, new, entry); return (0); }