osmux: fix nullpointer dereference
in point_lookup() the connection pointer is determined using
mgcp_conn_get_rtp() this function may return 0. At the moment
there are no nullpointer checks implemented
Add checks to test for nullpointer.
Fixes: Coverity CID#178662
Change-Id: If9a3c1ac002bc8adc90ca1c1c3dd1db4feea07ac
diff --git a/src/libosmo-mgcp/mgcp_osmux.c b/src/libosmo-mgcp/mgcp_osmux.c
index 60ffe06..09b2636 100644
--- a/src/libosmo-mgcp/mgcp_osmux.c
+++ b/src/libosmo-mgcp/mgcp_osmux.c
@@ -207,12 +207,18 @@
case MGCP_DEST_NET:
/* FIXME: Get rid of CONN_ID_XXX! */
conn_net = mgcp_conn_get_rtp(endp, CONN_ID_NET);
- this = &conn_net->end.addr;
+ if (conn_net)
+ this = &conn_net->end.addr;
+ else
+ this = NULL;
break;
case MGCP_DEST_BTS:
/* FIXME: Get rid of CONN_ID_XXX! */
conn_bts = mgcp_conn_get_rtp(endp, CONN_ID_BTS);
- this = &conn_bts->end.addr;
+ if (conn_bts)
+ this = &conn_bts->end.addr;
+ else
+ this = NULL;
break;
default:
/* Should not ever happen */
@@ -222,7 +228,8 @@
/* FIXME: Get rid of CONN_ID_XXX! */
conn_net = mgcp_conn_get_rtp(endp, CONN_ID_NET);
- if (conn_net->osmux.cid == cid && this->s_addr == from_addr->s_addr)
+ if (conn_net && this && conn_net->osmux.cid == cid
+ && this->s_addr == from_addr->s_addr)
return endp;
}