From: Alexander Mikhalitsyn <alexander.mikhalitsyn@virtuozzo.com>
Date: Sun, 11 Jul 2021 11:15:46 +0000 (+0300)
Subject: libnetlink: check error handler is present before a call
X-Git-Tag: v5.14.0~18
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=115e9870358ba08ec8921ff8f459d379522f0368;p=thirdparty%2Fiproute2.git

libnetlink: check error handler is present before a call

Fix nullptr dereference of errhndlr from rtnl_dump_filter_arg
struct in rtnl_dump_done and rtnl_dump_error functions.

Fixes: 459ce6e3d792 ("ip route: ignore ENOENT during save if RT_TABLE_MAIN is being dumped")
Cc: Stephen Hemminger <stephen@networkplumber.org>
Cc: Roi Dayan <roid@nvidia.com>
Cc: Alexander Mikhalitsyn <alexander@mihalicyn.com>
Reported-by: Roi Dayan <roid@nvidia.com>
Signed-off-by: Alexander Mikhalitsyn <alexander.mikhalitsyn@virtuozzo.com>
Reviewed-by: Roi Dayan <roid@nvidia.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
---

diff --git a/lib/libnetlink.c b/lib/libnetlink.c
index 5f062c7d5..6836c21c9 100644
--- a/lib/libnetlink.c
+++ b/lib/libnetlink.c
@@ -731,7 +731,7 @@ static int rtnl_dump_done(struct nlmsghdr *h,
 	if (len < 0) {
 		errno = -len;
 
-		if (a->errhndlr(h, a->arg2) & RTNL_SUPPRESS_NLMSG_DONE_NLERR)
+		if (a->errhndlr && (a->errhndlr(h, a->arg2) & RTNL_SUPPRESS_NLMSG_DONE_NLERR))
 			return 0;
 
 		/* check for any messages returned from kernel */
@@ -774,7 +774,7 @@ static int rtnl_dump_error(const struct rtnl_handle *rth,
 		     errno == EOPNOTSUPP))
 			return -1;
 
-		if (a->errhndlr(h, a->arg2) & RTNL_SUPPRESS_NLMSG_ERROR_NLERR)
+		if (a->errhndlr && (a->errhndlr(h, a->arg2) & RTNL_SUPPRESS_NLMSG_ERROR_NLERR))
 			return 0;
 
 		if (!(rth->flags & RTNL_HANDLE_F_SUPPRESS_NLERR))