From 51d804aa4f1232d38f18e60f95a52b6a6f06ec0a Mon Sep 17 00:00:00 2001
From: Zhiqi Chen <chenzhiqi.123@bytedance.com>
Date: Wed, 10 May 2023 16:35:37 +0800
Subject: dpctl: Fix dereferencing null pointer in parse_ct_limit_zones().

Command with empty string following "dpctl/ct-get-limits zone="
such as "ovs-appctl dpctl/ct-get-limits zone=" will cause
parse_ct_limit_zones() dereferencing null.

Signed-off-by: Zhiqi Chen <chenzhiqi.123@bytedance.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
---
 lib/dpctl.c    |  5 +++--
 tests/dpctl.at | 16 ++++++++++++++++
 2 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/lib/dpctl.c b/lib/dpctl.c
index 742fbce2d..0fc053e06 100644
--- a/lib/dpctl.c
+++ b/lib/dpctl.c
@@ -2174,7 +2174,7 @@ parse_ct_limit_zones(const char *argv, struct ovs_list *zone_limits,
     argcopy = xstrdup(argv + 5);
     next_zone = strtok_r(argcopy, ",", &save_ptr);
 
-    do {
+    while (next_zone != NULL) {
         if (ovs_scan(next_zone, "%"SCNu16, &zone)) {
             ct_dpif_push_zone_limit(zone_limits, zone, 0, 0);
         } else {
@@ -2182,7 +2182,8 @@ parse_ct_limit_zones(const char *argv, struct ovs_list *zone_limits,
             free(argcopy);
             return EINVAL;
         }
-    } while ((next_zone = strtok_r(NULL, ",", &save_ptr)) != NULL);
+        next_zone = strtok_r(NULL, ",", &save_ptr);
+    }
 
     free(argcopy);
     return 0;
diff --git a/tests/dpctl.at b/tests/dpctl.at
index 7454a51ec..d2f1046f8 100644
--- a/tests/dpctl.at
+++ b/tests/dpctl.at
@@ -135,3 +135,19 @@ AT_CHECK([ovs-appctl dpctl/dump-flows dummy@br0 | sort], [0], [dnl
 AT_CHECK([ovs-appctl dpctl/del-dp dummy@br0])
 OVS_VSWITCHD_STOP
 AT_CLEANUP
+
+AT_SETUP([dpctl - ct-get-limits ct-del-limits])
+OVS_VSWITCHD_START
+AT_CHECK([ovs-appctl dpctl/ct-get-limits], [0], [default limit=0
+])
+AT_CHECK([ovs-appctl dpctl/ct-get-limits zone=], [0], [default limit=0
+])
+AT_CHECK([ovs-appctl dpctl/ct-get-limits zone=,], [0], [default limit=0
+])
+AT_CHECK([ovs-appctl dpctl/ct-get-limits zone=x], [2], [],
+  [ovs-vswitchd: invalid zone (Invalid argument)
+ovs-appctl: ovs-vswitchd: server returned an error
+])
+AT_CHECK([ovs-appctl dpctl/ct-del-limits zone=])
+OVS_VSWITCHD_STOP
+AT_CLEANUP
\ No newline at end of file
-- 
cgit v1.2.1