git: 275078f17251 - stable/14 - libpfctl: fix Coverity issues
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 01 Nov 2023 09:06:07 UTC
The branch stable/14 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=275078f1725179371dd53c7abac1850b98dac1a0 commit 275078f1725179371dd53c7abac1850b98dac1a0 Author: Kristof Provost <kp@FreeBSD.org> AuthorDate: 2023-10-23 11:46:11 +0000 Commit: Kristof Provost <kp@FreeBSD.org> CommitDate: 2023-11-01 09:05:49 +0000 libpfctl: fix Coverity issues - handle snl_finalize_msg() returning NULL - insert the correct data into the states list - add missing nvlist_destroy() - incorrect order for array bounds Coverity: 1522929, 1522925, 1522923, 1522921, 1522780, 1522770, 1522764, 1487785, 1471250 Reviewed by: emaste MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D42330 (cherry picked from commit 4abc3b482e0d246cd3518622223795c8de102130) --- lib/libpfctl/libpfctl.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/lib/libpfctl/libpfctl.c b/lib/libpfctl/libpfctl.c index d5347a7f8a84..2bdc14e8868a 100644 --- a/lib/libpfctl/libpfctl.c +++ b/lib/libpfctl/libpfctl.c @@ -758,6 +758,8 @@ pfctl_get_eth_ruleset(int dev, const char *path, int nr, strlcpy(ri->name, nvlist_get_string(nvl, "name"), PF_ANCHOR_NAME_SIZE); + nvlist_destroy(nvl); + return (0); } @@ -856,8 +858,8 @@ pfctl_add_eth_rule(int dev, const struct pfctl_eth_rule *r, const char *anchor, pfctl_nv_add_rule_addr(nvl, "ipdst", &r->ipdst); labelcount = 0; - while (r->label[labelcount][0] != 0 && - labelcount < PF_RULE_MAX_LABEL_COUNT) { + while (labelcount < PF_RULE_MAX_LABEL_COUNT && + r->label[labelcount][0] != 0) { nvlist_append_string_array(nvl, "labels", r->label[labelcount]); labelcount++;