From c810c33f846c2d694ffcd715e917206a9a0a038d Mon Sep 17 00:00:00 2001
From: Gabriel Oginski <gabrielx.oginski@intel.com>
Date: Wed, 16 Feb 2022 12:32:53 +0000
Subject: [PATCH] wireguard: fix passing null pointer

Type: fix

Fixed coverity-issue CID 248517.
Originally possibly passing null pointer to one function and
directly dereferences it.
This patch fixes the problem by add a new condition.

Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: I02fc6fb5d1cfd6138ea4ba2b1946fd8a7ef34d3b
---
 src/plugins/wireguard/wireguard_input.c |  1 +
 src/plugins/wireguard/wireguard_noise.h | 20 ++++++++++----------
 2 files changed, 11 insertions(+), 10 deletions(-)

diff --git a/src/plugins/wireguard/wireguard_input.c b/src/plugins/wireguard/wireguard_input.c
index dbdcaa0f45a..ba5a1d679e2 100644
--- a/src/plugins/wireguard/wireguard_input.c
+++ b/src/plugins/wireguard/wireguard_input.c
@@ -902,6 +902,7 @@ wg_input_post (vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame)
 	  last_rec_idx = data->receiver_index;
 	}
 
+      ASSERT (peer != NULL); /* this pointer never should be NULL */
       if (PREDICT_FALSE (wg_input_post_process (vm, b[0], next, peer, data,
 						&is_keepalive) < 0))
 	goto trace;
diff --git a/src/plugins/wireguard/wireguard_noise.h b/src/plugins/wireguard/wireguard_noise.h
index e95211b8884..b436120dd8c 100644
--- a/src/plugins/wireguard/wireguard_noise.h
+++ b/src/plugins/wireguard/wireguard_noise.h
@@ -199,22 +199,22 @@ noise_remote_encrypt (vlib_main_t * vm, noise_remote_t *,
 static_always_inline noise_keypair_t *
 wg_get_active_keypair (noise_remote_t *r, uint32_t r_idx)
 {
-  if (r->r_current != NULL && r->r_current->kp_local_index == r_idx)
+  if (r->r_current != NULL)
     {
-      return r->r_current;
+      if (r->r_current->kp_local_index == r_idx)
+	return r->r_current;
     }
-  else if (r->r_previous != NULL && r->r_previous->kp_local_index == r_idx)
+  if (r->r_previous != NULL)
     {
-      return r->r_previous;
+      if (r->r_previous->kp_local_index == r_idx)
+	return r->r_previous;
     }
-  else if (r->r_next != NULL && r->r_next->kp_local_index == r_idx)
+  if (r->r_next != NULL)
     {
-      return r->r_next;
-    }
-  else
-    {
-      return NULL;
+      if (r->r_next->kp_local_index == r_idx)
+	return r->r_next;
     }
+  return NULL;
 }
 
 inline bool
-- 
2.16.6