Mirror/frr
0
0
Fork 1
mirror of https://github.com/FRRouting/frr.git synced 2025-04-30 13:37:17 +02:00
Code Issues Actions 4 Packages Projects Releases Wiki Activity

lib: fix a Null Pointer Dereference bug in vrf.c

Browse source 
Function vrf_get can return a NULL value.

	if (vrf && vrf_id != VRF_UNKNOWN
	    && vrf->vrf_id != VRF_UNKNOWN
	    && vrf->vrf_id != vrf_id) {
		zlog_debug("VRF_GET: avoid %s creation(%u), same name exists (%u)",
			   name, vrf_id, vrf->vrf_id);
		return NULL;
	}

In function lib_vrf_create, the return value from vrf_get is dereferenced without any null value check, causing a null pointer dereference bug. 


Fix:
We noticed that other caller functions both check the return value of function vrf_get, thus similarly, we check the return value and return NB_ERR if null.

Signed-off-by: mugitya03 <mugitya233@outlook.com>
This commit is contained in:
mugitya03 2025-02-11 19:40:46 -05:00 committed by GitHub
parent 1e2a438764
commit 99d59d171a
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
lib/vrf.c
View file

@ -944,7 +944,9 @@ static int lib_vrf_create(struct nb_cb_create_args *args)
return NB_OK;
vrfp = vrf_get(VRF_UNKNOWN, vrfname);
if (!vrfp){
return NB_ERR;
}
SET_FLAG(vrfp->status, VRF_CONFIGURED);
nb_running_set_entry(args->dnode, vrfp);