Many nl_transact callers and its wrapper tc_transact pass NULL for replyp which is being accessed in error flow without being checked if null or not.
Signed-off-by: Roi Dayan <[email protected]> Reviewed-by: Paul Blakey <[email protected]> --- lib/netlink-socket.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/netlink-socket.c b/lib/netlink-socket.c index 7502764..e45914c 100644 --- a/lib/netlink-socket.c +++ b/lib/netlink-socket.c @@ -1698,7 +1698,9 @@ nl_transact(int protocol, const struct ofpbuf *request, error = nl_pool_alloc(protocol, &sock); if (error) { - *replyp = NULL; + if (replyp) { + *replyp = NULL; + } return error; } -- 2.7.4 _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
