dhcp-message-dump: guard against negative option type before indexing

dhcp_option_type_from_code() returns _DHCP_OPTION_TYPE_INVALID (-EINVAL)
for the PAD and END option codes, and dump_dhcp_option_one() uses the
returned value directly as an index into the functions[] table. Those
codes are excluded by an assert() at the top of the function, but
assert() compiles down to __builtin_unreachable() under NDEBUG, so a
negative array index read is reachable there (and trips static
analyzers). Bail out explicitly on the error return.

CID#1660105

Follow-up for 149adb2fdce0d9a40f9332ecb1a48a486fce5194

diff --git a/src/libsystemd-network/dhcp-message-dump.c b/src/libsystemd-network/dhcp-message-dump.c
index a593c86d451e11304d021543bfb7cf6c1e4335fd..0314522231108df8fb85fd240c71e594b921f4aa 100644 (file)
--- a/src/libsystemd-network/dhcp-message-dump.c
+++ b/src/libsystemd-network/dhcp-message-dump.c
@@ -895,6 +895,8 @@ static int dump_dhcp_option_one(Table *table, sd_dhcp_message *message, uint8_t
         bool fallback = false;
         if (type == DHCP_OPTION_TYPE_AUTO) {
                 type = dhcp_option_type_from_code(code);
+                if (type < 0)
+                        return type;
                 fallback = true;
         }