From bddd6bb95ef6eb521e2d3dbb70b368b6430f0552 Mon Sep 17 00:00:00 2001 From: Donald Sharp Date: Mon, 15 Aug 2022 11:43:27 -0400 Subject: [PATCH] pimd: vrf may be NULL from pim_cmd_lookup_vrf The call into pim_cmd_lookup_vrf may be NULL and dereferencing it before ensuring that the vrf pointer is non-NULL is a good way to crash. A crash can be initiated in pim: eva# show ip msdp vrf NOEXIST mesh-group vtysh: error reading from pimd: Permission denied (13)Warning: closing connection to pimd because of an I/O error! eva# 2022/08/15 11:47:38 [PHJDC-499N2][EC 100663314] STARVATION: task vtysh_rl_read (560b77f76de6) ran for 16777ms (cpu time 0ms) eva# Signed-off-by: Donald Sharp --- pimd/pim_cmd.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pimd/pim_cmd.c b/pimd/pim_cmd.c index a3188128fa..c2453efa06 100644 --- a/pimd/pim_cmd.c +++ b/pimd/pim_cmd.c @@ -5526,12 +5526,13 @@ DEFUN (show_ip_msdp_mesh_group, int idx = 2; struct pim_msdp_mg *mg; struct vrf *vrf = pim_cmd_lookup_vrf(vty, argv, argc, &idx); - struct pim_instance *pim = vrf->info; + struct pim_instance *pim; struct json_object *json = NULL; if (!vrf) return CMD_WARNING; + pim = vrf->info; /* Quick case: list is empty. */ if (SLIST_EMPTY(&pim->msdp.mglist)) { if (uj) -- 2.39.5