classify: Fix 2 coverity errors

Validate two tainted scalars, filter_sw_if_index, that came from an API message. Type: fix Change-Id: I3ac8a09f91f380185e36babeaa6330691f7cb24b Signed-off-by: Jon Loeliger <jdl@netgate.com>
author: Jon Loeliger <jdl@netgate.com> 2019-12-04 11:42:36 -0600
committer: Ole Trøan <otroan@employees.org> 2019-12-05 14:56:48 +0000
commit: 95d2f30f20a89c1a4d73ffbdd87221082b98e155 (patch)
tree: 55d3a86c5c65416bc7a8b67cb1f0d75d7abc5d66 /src/vnet/classify/classify_api.c
parent: fd574087e4b89e9c27aec1c9da60e1e91e009783 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/src/vnet/classify/classify_api.c b/src/vnet/classify/classify_api.c
index 0725a9c0635..24f28873fbe 100644
--- a/src/vnet/classify/classify_api.c
+++ b/src/vnet/classify/classify_api.c
@@ -237,6 +237,10 @@ vl_api_policer_classify_dump_t_handler (vl_api_policer_classify_dump_t * mp)
     return;
 
   filter_sw_if_index = ntohl (mp->sw_if_index);
+  if (filter_sw_if_index
+      >= vec_len (pcm->classify_table_index_by_sw_if_index[mp->type]))
+    return;
+
   if (filter_sw_if_index != ~0)
     vec_tbl =
       &pcm->classify_table_index_by_sw_if_index[mp->type][filter_sw_if_index];
@@ -519,6 +523,10 @@ vl_api_flow_classify_dump_t_handler (vl_api_flow_classify_dump_t * mp)
     return;
 
   filter_sw_if_index = ntohl (mp->sw_if_index);
+  if (filter_sw_if_index
+      >= vec_len (pcm->classify_table_index_by_sw_if_index[mp->type]))
+    return;
+
   if (filter_sw_if_index != ~0)
     vec_tbl =
       &pcm->classify_table_index_by_sw_if_index[mp->type][filter_sw_if_index];
author	Jon Loeliger <jdl@netgate.com>	2019-12-04 11:42:36 -0600
committer	Ole Trøan <otroan@employees.org>	2019-12-05 14:56:48 +0000
commit	95d2f30f20a89c1a4d73ffbdd87221082b98e155 (patch)
tree	55d3a86c5c65416bc7a8b67cb1f0d75d7abc5d66 /src/vnet/classify/classify_api.c
parent	fd574087e4b89e9c27aec1c9da60e1e91e009783 (diff)