From 5090c57c4d1778b40ed77d31d1dd85eb3123c528 Mon Sep 17 00:00:00 2001 From: Florin Coras Date: Sun, 18 Mar 2018 08:22:17 -0700 Subject: [PATCH] session: fix coverity warnings Change-Id: I022dc40476ea9c30957b12bf1bd0629c6eb41cda Signed-off-by: Florin Coras --- src/vnet/session/session_api.c | 10 ++++++++++ src/vnet/tls/tls.c | 3 ++- 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/src/vnet/session/session_api.c b/src/vnet/session/session_api.c index ca739fa3996..9236b19a5d0 100755 --- a/src/vnet/session/session_api.c +++ b/src/vnet/session/session_api.c @@ -1131,6 +1131,11 @@ vl_api_application_tls_cert_add_t_handler (vl_api_application_tls_cert_add_t * memset (a, 0, sizeof (*a)); a->app_index = app->index; cert_len = clib_net_to_host_u16 (mp->cert_len); + if (cert_len > 10000) + { + rv = VNET_API_ERROR_INVALID_VALUE; + goto done; + } vec_validate (a->cert, cert_len); clib_memcpy (a->cert, mp->cert, cert_len); if ((error = vnet_app_add_tls_cert (a))) @@ -1166,6 +1171,11 @@ vl_api_application_tls_key_add_t_handler (vl_api_application_tls_key_add_t * memset (a, 0, sizeof (*a)); a->app_index = app->index; key_len = clib_net_to_host_u16 (mp->key_len); + if (key_len > 10000) + { + rv = VNET_API_ERROR_INVALID_VALUE; + goto done; + } vec_validate (a->key, key_len); clib_memcpy (a->key, mp->key, key_len); if ((error = vnet_app_add_tls_key (a))) diff --git a/src/vnet/tls/tls.c b/src/vnet/tls/tls.c index 040db020f77..d4c40f715d4 100644 --- a/src/vnet/tls/tls.c +++ b/src/vnet/tls/tls.c @@ -189,7 +189,8 @@ tls_notify_app_enqueue (tls_ctx_t * ctx, stream_session_t * app_session) { application_t *app; app = application_get_if_valid (app_session->app_index); - tls_add_app_q_evt (app, app_session); + if (PREDICT_TRUE (app != 0)) + tls_add_app_q_evt (app, app_session); } int -- 2.16.6