From patchwork Fri Oct 12 16:08:45 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Phil Sutter <phil@nwl.cc>
X-Patchwork-Id: 983161
X-Patchwork-Delegate: pablo@netfilter.org
Return-Path: <netfilter-devel-owner@vger.kernel.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org;
	spf=none (mailfrom) smtp.mailfrom=vger.kernel.org
	(client-ip=209.132.180.67; helo=vger.kernel.org;
	envelope-from=netfilter-devel-owner@vger.kernel.org;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
	dmarc=none (p=none dis=none) header.from=nwl.cc
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 42Wt7F6Ftqz9s3C
	for <incoming@patchwork.ozlabs.org>;
	Sat, 13 Oct 2018 03:08:57 +1100 (AEDT)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1728857AbeJLXmH (ORCPT <rfc822;incoming@patchwork.ozlabs.org>);
	Fri, 12 Oct 2018 19:42:07 -0400
Received: from orbyte.nwl.cc ([151.80.46.58]:43816 "EHLO orbyte.nwl.cc"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1728694AbeJLXmH (ORCPT <rfc822; netfilter-devel@vger.kernel.org>);
	Fri, 12 Oct 2018 19:42:07 -0400
Received: from localhost ([::1]:51350 helo=tatos)
	by orbyte.nwl.cc with esmtp (Exim 4.91)
	(envelope-from <phil@nwl.cc>)
	id 1gAzzj-0002Hc-Rn; Fri, 12 Oct 2018 18:08:55 +0200
From: Phil Sutter <phil@nwl.cc>
To: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: netfilter-devel@vger.kernel.org
Subject: [nft PATCH] xt: Fix for covscan warning in xt_stmt_xlate()
Date: Fri, 12 Oct 2018 18:08:45 +0200
Message-Id: <20181012160845.4534-1-phil@nwl.cc>
X-Mailer: git-send-email 2.19.0
MIME-Version: 1.0
Sender: netfilter-devel-owner@vger.kernel.org
Precedence: bulk
List-ID: <netfilter-devel.vger.kernel.org>
X-Mailing-List: netfilter-devel@vger.kernel.org

This does not fix a real issue, target or match field should never be
NULL. Also, I can't find a place where opts field is being assigned to.

Still, covscan sees the NULL check and assumes that if target or match
field is NULL *and* opts field is NULL as well, code ends up
dereferencing the NULL target or match field later on. Avoid this by
splitting the conditional so that later else cases are not hit.

Signed-off-by: Phil Sutter <phil@nwl.cc>
---
 src/xt.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/src/xt.c b/src/xt.c
index 95d0c5f24c07e..1dcd414144a48 100644
--- a/src/xt.c
+++ b/src/xt.c
@@ -32,8 +32,9 @@ void xt_stmt_xlate(const struct stmt *stmt)
 
 	switch (stmt->xt.type) {
 	case NFT_XT_MATCH:
-		if (stmt->xt.match == NULL && stmt->xt.opts) {
-			printf("%s", stmt->xt.opts);
+		if (stmt->xt.match == NULL) {
+			if (stmt->xt.opts)
+				printf("%s", stmt->xt.opts);
 		} else if (stmt->xt.match->xlate) {
 			struct xt_xlate_mt_params params = {
 				.ip		= stmt->xt.entry,
@@ -51,8 +52,9 @@ void xt_stmt_xlate(const struct stmt *stmt)
 		break;
 	case NFT_XT_WATCHER:
 	case NFT_XT_TARGET:
-		if (stmt->xt.target == NULL && stmt->xt.opts) {
-			printf("%s", stmt->xt.opts);
+		if (stmt->xt.target == NULL) {
+			if (stmt->xt.opts)
+				printf("%s", stmt->xt.opts);
 		} else if (stmt->xt.target->xlate) {
 			struct xt_xlate_tg_params params = {
 				.ip		= stmt->xt.entry,