From 95d2f30f20a89c1a4d73ffbdd87221082b98e155 Mon Sep 17 00:00:00 2001 From: Jon Loeliger Date: Wed, 4 Dec 2019 11:42:36 -0600 Subject: classify: Fix 2 coverity errors Validate two tainted scalars, filter_sw_if_index, that came from an API message. Type: fix Change-Id: I3ac8a09f91f380185e36babeaa6330691f7cb24b Signed-off-by: Jon Loeliger --- src/vnet/classify/classify_api.c | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'src/vnet/classify') diff --git a/src/vnet/classify/classify_api.c b/src/vnet/classify/classify_api.c index 0725a9c0635..24f28873fbe 100644 --- a/src/vnet/classify/classify_api.c +++ b/src/vnet/classify/classify_api.c @@ -237,6 +237,10 @@ vl_api_policer_classify_dump_t_handler (vl_api_policer_classify_dump_t * mp) return; filter_sw_if_index = ntohl (mp->sw_if_index); + if (filter_sw_if_index + >= vec_len (pcm->classify_table_index_by_sw_if_index[mp->type])) + return; + if (filter_sw_if_index != ~0) vec_tbl = &pcm->classify_table_index_by_sw_if_index[mp->type][filter_sw_if_index]; @@ -519,6 +523,10 @@ vl_api_flow_classify_dump_t_handler (vl_api_flow_classify_dump_t * mp) return; filter_sw_if_index = ntohl (mp->sw_if_index); + if (filter_sw_if_index + >= vec_len (pcm->classify_table_index_by_sw_if_index[mp->type])) + return; + if (filter_sw_if_index != ~0) vec_tbl = &pcm->classify_table_index_by_sw_if_index[mp->type][filter_sw_if_index]; -- cgit 1.2.3-korg