[BUG] Potential null pointer dereference vulnerability #284

@HoshinoStranding

Hi, I have found a potential null pointer dereference bug in the project and would like to report it to the maintainers. Can you please help me check it? Thank you for your effort and patience!
Below is the execution sequence of the program that may produce a null pointer dereference bug.

In the file src/common/cisco_eeprom.c, the function cisco_eeprom_copy calls cisco_eeprom_free at line 553, in which **eeprom->data (dst->data)** is assigned as NULL. If the function malloc fails at line 555, dst->data will remain NULL (otherwise it will be assigned as a newly malloced space at line 560).

As shown in the image below, after steps 4, 5 and 6, a NULL value may be dereferenced in the file src/common/cisco_eeprom.c at line 592 in the function cisco_eeprom_get_byte.

Image

Thank you very much for reading and I look forward to hearing from you!
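A simplified C model of the pattern this report describes, added here as an example and not taken from the project's source: the copy routine allocates before releasing the destination, and the byte reader rejects a NULL buffer instead of dereferencing it. All names (`eeprom_model`, `model_copy`, `model_get_byte`, `failing_alloc`) are hypothetical, and the injectable allocator is an assumption used to simulate a failed malloc.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Simplified model of the reported pattern; hypothetical names, not the project's code. */
struct eeprom_model {
    uint16_t *data;   /* NULL when no buffer is attached */
    size_t    len;    /* number of 16-bit words in data */
};
typedef void *(*alloc_fn)(size_t);

/* Allocator that always fails, standing in for malloc() returning NULL. */
static void *failing_alloc(size_t n) { (void)n; return NULL; }

static void model_free(struct eeprom_model *e)
{
    free(e->data);
    e->data = NULL;
    e->len  = 0;      /* keep len consistent with the NULL pointer */
}

/* Copy src into dst; 0 on success, -1 on failure. Allocate first and release
 * the old buffer only once the new one exists, so a failed allocation leaves
 * dst unchanged instead of cleared. */
static int model_copy(struct eeprom_model *dst, const struct eeprom_model *src,
                      alloc_fn alloc)
{
    if (dst == NULL || src == NULL || src->data == NULL)
        return -1;
    uint16_t *buf = alloc(src->len * sizeof(*buf));
    if (buf == NULL)
        return -1;
    memcpy(buf, src->data, src->len * sizeof(*buf));
    model_free(dst);
    dst->data = buf;
    dst->len  = src->len;
    return 0;
}

/* Read one byte; -1 instead of dereferencing NULL or reading past the end. */
static int model_get_byte(const struct eeprom_model *e, size_t off, uint8_t *val)
{
    if (e == NULL || e->data == NULL || val == NULL || off >= e->len * 2)
        return -1;
    *val = ((const uint8_t *)e->data)[off];
    return 0;
}
```

Callers need to check the return value of the copy as well; the reader's NULL guard only covers the case where they do not.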
