acl-plugin: fix coverity error in acl_test.c

Attempting to supply within a VAT CLI to add the ACLs a rule count
override with no rules to add would result in null pointer dereference
as we attempt to copy those rules to the message.
Add the check to avoid copy if the source pointer is null
(i.e. if there are no rules to copy from).
This commit fixes coverity errors 166797 and 166792.

Change-Id: Icabe060d961ba07dc41f63b8e17fca12ff82aa29
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>

diff --git a/src/plugins/acl/acl_test.c b/src/plugins/acl/acl_test.c
index 6154a23..8f6179f 100644 (file)
--- a/src/plugins/acl/acl_test.c
+++ b/src/plugins/acl/acl_test.c
@@ -480,7 +480,7 @@ static int api_acl_add_replace (vat_main_t * vam)
     memset (mp, 0, msg_size);
     mp->_vl_msg_id = ntohs (VL_API_ACL_ADD_REPLACE + sm->msg_id_base);
     mp->client_index = vam->my_client_index;
-    if (n_rules > 0)
+    if ((n_rules > 0) && rules)
       clib_memcpy(mp->r, rules, n_rules*sizeof (vl_api_acl_rule_t));
     if (tag)
       {
@@ -934,7 +934,7 @@ static int api_macip_acl_add (vat_main_t * vam)
     memset (mp, 0, msg_size);
     mp->_vl_msg_id = ntohs (VL_API_MACIP_ACL_ADD + sm->msg_id_base);
     mp->client_index = vam->my_client_index;
-    if (n_rules > 0)
+    if ((n_rules > 0) && rules)
       clib_memcpy(mp->r, rules, n_rules*sizeof (mp->r[0]));
     if (tag)
       {