From 7f5f853d0b8b71c84dad23c1b3d883f6962cd26f Mon Sep 17 00:00:00 2001
From: Renato Westphal <renato@opensourcerouting.org>
Date: Fri, 19 Oct 2018 15:55:03 -0300
Subject: [PATCH] bgpd: fix NULL pointer dereference bug

Other parts of the rfapi code check if the 'rfg->rfapi_import_table'
pointer is NULL or not before using it. Do the same here to fix a crash
detected by the CLI fuzzer.

Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
---
 bgpd/rfapi/rfapi_vty.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/bgpd/rfapi/rfapi_vty.c b/bgpd/rfapi/rfapi_vty.c
index cdf281f240..1844839f25 100644
--- a/bgpd/rfapi/rfapi_vty.c
+++ b/bgpd/rfapi/rfapi_vty.c
@@ -4845,6 +4845,10 @@ DEFUN (add_vrf_prefix_rd_label_pref,
 static int rfapi_cfg_group_it_count(struct rfapi_nve_group_cfg *rfg)
 {
 	int count = 0;
+
+	if (rfg->rfapi_import_table == NULL)
+		return 0;
+
 	afi_t afi = AFI_MAX;
 	while (afi-- > 0) {
 		count += rfg->rfapi_import_table->local_count[afi];
-- 
2.39.5