From bd3c89cb1ab38ba04033f3ae8aa08823d4a43f88 Mon Sep 17 00:00:00 2001
From: Ciara Power <ciara.power@intel.com>
Date: Tue, 12 May 2020 16:28:59 +0100
Subject: [PATCH] telemetry: fix error checking for strchr function

The strchr function return was not being checked which could lead to
NULL deferencing later in the function.

Coverity issue: 358438, 358445
Fixes: b80fe1805eee ("telemetry: introduce backward compatibility")

Signed-off-by: Ciara Power <ciara.power@intel.com>
Acked-by: Kevin Laatz <kevin.laatz@intel.com>
---
 lib/librte_telemetry/telemetry_legacy.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/lib/librte_telemetry/telemetry_legacy.c b/lib/librte_telemetry/telemetry_legacy.c
index 8e24eb4cb9..10b575adfd 100644
--- a/lib/librte_telemetry/telemetry_legacy.c
+++ b/lib/librte_telemetry/telemetry_legacy.c
@@ -82,8 +82,16 @@ register_client(const char *cmd __rte_unused, const char *params,
 	int fd;
 	struct sockaddr_un addrs;
 
+	if (!strchr(params, ':')) {
+		fprintf(stderr, "Invalid data\n");
+		return -1;
+	}
 	strlcpy(data, strchr(params, ':'), sizeof(data));
 	memcpy(data, &data[strlen(":\"")], strlen(data));
+	if (!strchr(data, '\"')) {
+		fprintf(stderr, "Invalid client data\n");
+		return -1;
+	}
 	*strchr(data, '\"') = 0;
 
 	fd = socket(AF_UNIX, SOCK_SEQPACKET, 0);
@@ -178,6 +186,8 @@ parse_client_request(char *buffer, int buf_len, int s)
 		if (!strchr(data_ptr, '{'))
 			data_sep = data_ptr[strlen(callbacks[i].data)];
 		else {
+			if (!strchr(data_ptr, '}'))
+				return -EINVAL;
 			char *data_end = strchr(data_ptr, '}');
 			data = data_ptr + strlen(DATA_REQ_LABEL);
 			data_sep = data_end[1];
-- 
2.20.1