session: fix coverity warnings

Change-Id: I022dc40476ea9c30957b12bf1bd0629c6eb41cda
Signed-off-by: Florin Coras <fcoras@cisco.com>

diff --git a/src/vnet/session/session_api.c b/src/vnet/session/session_api.c
index ca739fa..9236b19 100755 (executable)
--- a/src/vnet/session/session_api.c
+++ b/src/vnet/session/session_api.c
@@ -1131,6 +1131,11 @@ vl_api_application_tls_cert_add_t_handler (vl_api_application_tls_cert_add_t *
   memset (a, 0, sizeof (*a));
   a->app_index = app->index;
   cert_len = clib_net_to_host_u16 (mp->cert_len);
+  if (cert_len > 10000)
+    {
+      rv = VNET_API_ERROR_INVALID_VALUE;
+      goto done;
+    }
   vec_validate (a->cert, cert_len);
   clib_memcpy (a->cert, mp->cert, cert_len);
   if ((error = vnet_app_add_tls_cert (a)))
@@ -1166,6 +1171,11 @@ vl_api_application_tls_key_add_t_handler (vl_api_application_tls_key_add_t *
   memset (a, 0, sizeof (*a));
   a->app_index = app->index;
   key_len = clib_net_to_host_u16 (mp->key_len);
+  if (key_len > 10000)
+    {
+      rv = VNET_API_ERROR_INVALID_VALUE;
+      goto done;
+    }
   vec_validate (a->key, key_len);
   clib_memcpy (a->key, mp->key, key_len);
   if ((error = vnet_app_add_tls_key (a)))

diff --git a/src/vnet/tls/tls.c b/src/vnet/tls/tls.c
index 040db02..d4c40f7 100644 (file)
--- a/src/vnet/tls/tls.c
+++ b/src/vnet/tls/tls.c
@@ -189,7 +189,8 @@ tls_notify_app_enqueue (tls_ctx_t * ctx, stream_session_t * app_session)
 {
   application_t *app;
   app = application_get_if_valid (app_session->app_index);
-  tls_add_app_q_evt (app, app_session);
+  if (PREDICT_TRUE (app != 0))
+    tls_add_app_q_evt (app, app_session);
 }
 
 int