From: Daniel P. Berrangé <berrange@redhat.com>
Date: Thu, 16 Oct 2025 10:09:18 +0000 (+0100)
Subject: tools/nss: check for missing array element
X-Git-Tag: CVE-2025-12748~62
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1ff3d18528c24effc721f6e0a6b31c46cb5f0071;p=thirdparty%2Flibvirt.git

tools/nss: check for missing array element

We've already checked the upper bound of the array, but we should
none the less sanity check that the requested array element is
not NULL before dereferencing it.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---

diff --git a/tools/nss/libvirt_nss_macs.c b/tools/nss/libvirt_nss_macs.c
index 44544624f3..1110848060 100644
--- a/tools/nss/libvirt_nss_macs.c
+++ b/tools/nss/libvirt_nss_macs.c
@@ -101,6 +101,8 @@ findMACsFromJSON(json_object *jobj,
             char *macstr;
 
             macobj = json_object_array_get_idx(macsArray, j);
+            if (!macobj)
+                return -1;
             macstr = strdup(json_object_get_string(macobj));
             if (!macstr)
                 return -1;