Re: [PATCH] tls: Check return value of get_cipher_desc in fill_sg_out

From: Jakub Kicinski
Date: Wed Feb 12 2025 - 20:44:20 EST


On Wed, 12 Feb 2025 10:53:50 +0800 Wentao Liang wrote:
> The function get_cipher_desc() may return NULL if the cipher type is
> invalid or unsupported. In fill_sg_out(), the return value is used
> without any checks, which could lead to a NULL pointer dereference.
>
> This patch adds a DEBUG_NET_WARN_ON_ONCE check to ensure that
> cipher_desc is valid and offloadable before proceeding. This prevents
> potential crashes and provides a clear warning in debug builds.

Does not make any sense, the state is validated during configuration.
--
pw-bot: reject
pv-bot: llm