From: E. Scott Daniels <daniels@research.att.com>
Date: Wed, 1 Apr 2020 18:01:02 +0000 (-0400)
Subject: Fix possible nil pointer deref in interface check
X-Git-Tag: 3.6.5^0
X-Git-Url: https://gerrit.o-ran-sc.org/r/gitweb?a=commitdiff_plain;h=d961525e9eb23e3dee4a16960a1772782c3b8b36;p=ric-plt%2Flib%2Frmr.git

Fix possible nil pointer deref in interface check

This change address a potential nil pointer dereference when
building a list of interface names that might be used for
connection listening.

Issue-ID: RIC-307

Signed-off-by: E. Scott Daniels <daniels@research.att.com>
Change-Id: I3b63bebe31afc61073bd4d4093f1fb42d018963e
---

diff --git a/CHANGES_CORE.txt b/CHANGES_CORE.txt
index 4e382e8..a8b20b7 100644
--- a/CHANGES_CORE.txt
+++ b/CHANGES_CORE.txt
@@ -1,10 +1,14 @@
-# this file should contain ONLY the changes related to the 
+# this file should contain ONLY the changes related to the
 # core RMR code and doc.  Other change files exist for other
 # things.
 
 # API and build change  and fix summaries. Doc correctsions
 # and/or changes are not mentioned here; see the commit messages.
 
+2020 April 2; version 3.6.5
+	Correct potential nil pointer use when examining interfaces for
+	use as a listen target (RIC-307)
+
 2020 April 1; version 3.6.4
 	Correct potential nil pointer use in the NNG interface (RIC-303)
 	Correct issue preventing CI build without a container
@@ -13,7 +17,7 @@
 	Correct the max receive message size constant in rmr.h (RIC-301)
 
 2020 March 23; version 3.6.2
-	Fix message initialisation bug when pulling a message from 
+	Fix message initialisation bug when pulling a message from
 	the pool (RIC-295)
 
 2020 March 19; version 3.6.1
@@ -28,7 +32,7 @@
 
 2020 March 10; version 3.5.1
 	Add missing health check message types.
-	
+
 2020 March 9; version 3.5.0
 	Added new wormhole send function: rmr_wh_call().
 
@@ -73,7 +77,7 @@
 
 2020 January 31; verison 3.1.1
 	Allow route table thread logging to be completely disabled
-	when logging is turned off.	
+	when logging is turned off.
 
 2020 January 26; verison 3.1.0
 	First step to allowing the user programme to control messages
@@ -120,7 +124,7 @@
 
 2019 November 7; version 1.12.0
 	Version cut to support continued development for next release
-	preserving the 1.11.* versions for release 1 (Amber) and 
+	preserving the 1.11.* versions for release 1 (Amber) and
 	related fixes.
 
 2019 October 31; version 1.10.2
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 076448e..e2392c1 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -40,7 +40,7 @@ cmake_minimum_required( VERSION 3.5 )
 
 set( major_version "3" )		# should be automatically populated from git tag later, but until CI process sets a tag we use this
 set( minor_version "6" )
-set( patch_level "4" )
+set( patch_level "5" )
 
 set( install_root "${CMAKE_INSTALL_PREFIX}" )
 set( install_inc "include/rmr" )
diff --git a/src/rmr/common/src/tools_static.c b/src/rmr/common/src/tools_static.c
index 2adf9a5..b4245cd 100644
--- a/src/rmr/common/src/tools_static.c
+++ b/src/rmr/common/src/tools_static.c
@@ -327,13 +327,15 @@ if_addrs_t*  mk_ip_list( char* port ) {
 		if( ele && strcmp( ele->ifa_name, "lo" ) &&									// do NOT capture the loopback interface address
 			(target_if == NULL || strcmp( ele->ifa_name, target_if ) == 0 ) ) {		// no target, or matches ENV_BIND_IF target
 
-			if( ele->ifa_addr->sa_family == AF_INET ) {
-				getnameinfo( ele->ifa_addr, sizeof( struct sockaddr_in ),  octs, NI_MAXHOST, NULL, 0, NI_NUMERICHOST );
-				fmt = "%s:%s";
-			} else {
-				if( ele->ifa_addr->sa_family == AF_INET6 ) {
-					getnameinfo( ele->ifa_addr, sizeof( struct sockaddr_in6 ),  octs, NI_MAXHOST, NULL, 0, NI_NUMERICHOST );
-					fmt = "[%s]:%s";
+			if( ele->ifa_addr != NULL ) {						// possible for some interfaces to not have an address
+				if( ele->ifa_addr->sa_family == AF_INET ) {
+					getnameinfo( ele->ifa_addr, sizeof( struct sockaddr_in ),  octs, NI_MAXHOST, NULL, 0, NI_NUMERICHOST );
+					fmt = "%s:%s";
+				} else {
+					if( ele->ifa_addr->sa_family == AF_INET6 ) {
+						getnameinfo( ele->ifa_addr, sizeof( struct sockaddr_in6 ),  octs, NI_MAXHOST, NULL, 0, NI_NUMERICHOST );
+						fmt = "[%s]:%s";
+					}
 				}
 			}
 
diff --git a/test/si95_test.c b/test/si95_test.c
index 399ff78..d5bcc3a 100644
--- a/test/si95_test.c
+++ b/test/si95_test.c
@@ -106,19 +106,19 @@ static int memory( ) {
 
 	iptr = SInew( IOQ_BLK );
 	errors += fail_if_nil( iptr, "memory: sinew returned nil when given ioq request" );
-	iptr = SInew( IOQ_BLK );
 	SItrash(  IOQ_BLK, iptr );
 
 	ptr = SInew( TP_BLK );
 	errors += fail_if_nil( ptr, "memory: sinew returned nil when given tpblk request" );
 	if( ptr ) {
+		iptr = SInew( IOQ_BLK );
 		((struct tp_blk *)ptr)->squeue = iptr;
 		SItrash(  TP_BLK, ptr );
 	}
 	
 	ptr = SInew( GI_BLK );
 	errors += fail_if_nil( ptr, "memory: sinew returned nil when given giblk request" );
-	SItrash(  GI_BLK, ptr );
+	SItrash(  GI_BLK, ptr );		// GI block cannot be trashed, ensure this (valgind will complain about a leak)
 
 
 	return errors;