From mboxrd@z Thu Jan 1 00:00:00 1970 From: Wen Yang Subject: [PATCH 3/4] tools: bpftool: fix potential NULL pointer dereference in do_load Date: Wed, 21 Nov 2018 15:43:12 +0800 Message-ID: <1542786192-19164-1-git-send-email-wen.yang99@zte.com.cn> Cc: daniel@iogearbox.net, jakub.kicinski@netronome.com, quentin.monnet@netronome.com, jiong.wang@netronome.com, guro@fb.com, sandipan@linux.vnet.ibm.com, john.fastabend@gmail.com, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, zhong.weidong@zte.com.cn, wang.yi59@zte.com.cn, Wen Yang , Julia Lawall To: ast@kernel.org Return-path: Sender: linux-kernel-owner@vger.kernel.org List-Id: netdev.vger.kernel.org This patch fixes a possible null pointer dereference in do_load, detected by the semantic patch deref_null.cocci, with the following warning: ./tools/bpf/bpftool/prog.c:1021:23-25: ERROR: map_replace is NULL but dereferenced. The following code has potential null pointer references: 881 map_replace = reallocarray(map_replace, old_map_fds + 1, 882 sizeof(*map_replace)); 883 if (!map_replace) { 884 p_err("mem alloc failed"); 885 goto err_free_reuse_maps; 886 } ... 1019 err_free_reuse_maps: 1020 for (i = 0; i < old_map_fds; i++) 1021 close(map_replace[i].fd); 1022 free(map_replace); Signed-off-by: Wen Yang Reviewed-by: Tan Hu CC: Julia Lawall --- tools/bpf/bpftool/prog.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tools/bpf/bpftool/prog.c b/tools/bpf/bpftool/prog.c index 5302ee2..de42187 100644 --- a/tools/bpf/bpftool/prog.c +++ b/tools/bpf/bpftool/prog.c @@ -1017,8 +1017,9 @@ static int do_load(int argc, char **argv) err_close_obj: bpf_object__close(obj); err_free_reuse_maps: - for (i = 0; i < old_map_fds; i++) - close(map_replace[i].fd); + if (map_replace) + for (i = 0; i < old_map_fds; i++) + close(map_replace[i].fd); free(map_replace); return -1; } -- 2.9.5