From efc64d02a62f3254ecc0b22fcbcb8f73a079669f Mon Sep 17 00:00:00 2001 From: Kristof Provost Date: Thu, 21 Apr 2022 14:53:05 +0200 Subject: pf: counter argument to pfr_pool_get() may never be NULL Coverity points out that if counter was NULL when passed to pfr_pool_get() we could potentially end up dereferencing it. Happily all users of the function pass a non-NULL pointer. Enforce this by assertion and remove the pointless NULL check. Reported by: Coverity (CID 273309) MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") --- sys/netpfil/pf/pf_table.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/sys/netpfil/pf/pf_table.c b/sys/netpfil/pf/pf_table.c index 9b048d899810..ea37b077c651 100644 --- a/sys/netpfil/pf/pf_table.c +++ b/sys/netpfil/pf/pf_table.c @@ -2249,6 +2249,7 @@ pfr_pool_get(struct pfr_ktable *kt, int *pidx, struct pf_addr *counter, int idx = -1, use_counter = 0; MPASS(pidx != NULL); + MPASS(counter != NULL); switch (af) { case AF_INET: @@ -2268,7 +2269,7 @@ pfr_pool_get(struct pfr_ktable *kt, int *pidx, struct pf_addr *counter, return (-1); idx = *pidx; - if (counter != NULL && idx >= 0) + if (idx >= 0) use_counter = 1; if (idx < 0) idx = 0; -- cgit v1.2.3