projects / collectd.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 86f2ca0)
ovs_stats: fix potential NULL dereference
authorMark Kavanagh <mark.b.kavanagh@intel.com>
Mon, 19 Feb 2018 15:23:46 +0000 (15:23 +0000)
committerCiara Loftus <ciara.loftus@intel.com>
Tue, 27 Mar 2018 09:47:05 +0000 (10:47 +0100)
ovs_stats_update_iface() passes a pointer to a potentially-NULL
string to sstrncpy(); this is obviously problematic.

Add a check to ensure that the relevant string is non-NULL.

Fixes: 1cc7599 ("ovs_stats plugin: Fix null dereference of "port".)
Signed-off-by: Mark Kavanagh <mark.b.kavanagh@intel.com>
src/ovs_stats.c patch | blob | history

diff --git a/src/ovs_stats.c b/src/ovs_stats.c
index 358d10e..b42bef7 100644 (file)
--- a/src/ovs_stats.c
+++ b/src/ovs_stats.c
@@ -632,10 +632,15 @@ static int ovs_stats_update_iface(yajl_val iface) {
     ovs_stats_update_iface_ext_ids(port,
                                    YAJL_GET_ARRAY(iface_ext_ids)->values[1]);
   if (iface_uuid && YAJL_IS_ARRAY(iface_uuid) &&
-      YAJL_GET_ARRAY(iface_uuid)->len == 2)
+      YAJL_GET_ARRAY(iface_uuid)->len == 2 &&
+      YAJL_GET_STRING(YAJL_GET_ARRAY(iface_uuid)->values[1]) != NULL)
     sstrncpy(port->iface_uuid,
              YAJL_GET_STRING(YAJL_GET_ARRAY(iface_uuid)->values[1]),
              sizeof(port->iface_uuid));
+  else {
+    ERROR("ovs_stats plugin: incorrect JSON interface data");
+    return -1;
+  }
 
   return 0;
 }
collectd, the system statistics collection daemon