isisd: Fix CID 1568129 (Null pointer dereference)

Fix this coverity issue:

*** CID 1568129:  Null pointer dereferences  (REVERSE_INULL)
/isisd/isis_tlvs.c: 2813 in unpack_item_srv6_end_sid()
2807                    sid->subsubtlvs = NULL;
2808            }
2809
2810            append_item(&subtlvs->srv6_end_sids, (struct isis_item *)sid);
2811            return 0;
2812     out:
>>>     CID 1568129:  Null pointer dereferences  (REVERSE_INULL)
>>>     Null-checking "sid" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
2813            if (sid)
2814                    free_item_srv6_end_sid((struct isis_item *)sid);
2815            return 1;
2816     }
2817
2818     /* Functions related to TLVs 1 Area Addresses */

Signed-off-by: Carmine Scarpitta <cscarpit@cisco.com>

diff --git a/isisd/isis_tlvs.c b/isisd/isis_tlvs.c
index cd7b3b88423eae29a27e1b0fb4974c6fd62731e1..ecf43faa7060ac36d15b5c906c38ef1935ef7fcf 100644 (file)
--- a/isisd/isis_tlvs.c
+++ b/isisd/isis_tlvs.c
@@ -2751,7 +2751,7 @@ static int unpack_item_srv6_end_sid(uint16_t mtid, uint8_t len,
                                    void *dest, int indent)
 {
        struct isis_subtlvs *subtlvs = dest;
-       struct isis_srv6_end_sid_subtlv *sid;
+       struct isis_srv6_end_sid_subtlv *sid = NULL;
        size_t consume;
        uint8_t subsubtlv_len;
 
@@ -2763,7 +2763,7 @@ static int unpack_item_srv6_end_sid(uint16_t mtid, uint8_t len,
                        log, indent,
                        "Not enough data left. (expected 19 or more bytes, got %hhu)\n",
                        len);
-               return 1;
+               goto out;
        }
 
        sid = XCALLOC(MTYPE_ISIS_SUBTLV, sizeof(*sid));