This does not fix a real issue, target or match field should never be
NULL. Also, I can't find a place where opts field is being assigned to.
Still, covscan sees the NULL check and assumes that if target or match
field is NULL *and* opts field is NULL as well, code ends up
dereferencing the NULL target or match field later on. Avoid this by
splitting the conditional so that later else cases are not hit.
Signed-off-by: Phil Sutter <phil@xxxxxx>
---
src/xt.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/src/xt.c b/src/xt.c
index 95d0c5f24c07e..1dcd414144a48 100644
--- a/src/xt.c
+++ b/src/xt.c
@@ -32,8 +32,9 @@ void xt_stmt_xlate(const struct stmt *stmt)
switch (stmt->xt.type) {
case NFT_XT_MATCH:
- if (stmt->xt.match == NULL && stmt->xt.opts) {
- printf("%s", stmt->xt.opts);
+ if (stmt->xt.match == NULL) {
+ if (stmt->xt.opts)
+ printf("%s", stmt->xt.opts);
} else if (stmt->xt.match->xlate) {
struct xt_xlate_mt_params params = {
.ip = stmt->xt.entry,
@@ -51,8 +52,9 @@ void xt_stmt_xlate(const struct stmt *stmt)
break;
case NFT_XT_WATCHER:
case NFT_XT_TARGET:
- if (stmt->xt.target == NULL && stmt->xt.opts) {
- printf("%s", stmt->xt.opts);
+ if (stmt->xt.target == NULL) {
+ if (stmt->xt.opts)
+ printf("%s", stmt->xt.opts);
} else if (stmt->xt.target->xlate) {
struct xt_xlate_tg_params params = {
.ip = stmt->xt.entry,
--
2.19.0
