Re: [PATCH] tls: Check return value of get_cipher_desc in fill_sg_out

From: Jakub Kicinski
Date: Wed Feb 12 2025 - 20:44:20 EST

Next message: Namhyung Kim: "Re: [PATCH v1 00/10] Move uid filtering to BPF filters"
Previous message: Sergey Senozhatsky: "Re: [PATCH v5 01/18] zram: sleepable entry locking"
In reply to: Markus Elfring: "Re: [PATCH] tls: Check return value of get_cipher_desc in fill_sg_out"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 12 Feb 2025 10:53:50 +0800 Wentao Liang wrote:
> The function get_cipher_desc() may return NULL if the cipher type is
> invalid or unsupported. In fill_sg_out(), the return value is used
> without any checks, which could lead to a NULL pointer dereference.
>
> This patch adds a DEBUG_NET_WARN_ON_ONCE check to ensure that
> cipher_desc is valid and offloadable before proceeding. This prevents
> potential crashes and provides a clear warning in debug builds.

Does not make any sense, the state is validated during configuration.
--
pw-bot: reject
pv-bot: llm

Next message: Namhyung Kim: "Re: [PATCH v1 00/10] Move uid filtering to BPF filters"
Previous message: Sergey Senozhatsky: "Re: [PATCH v5 01/18] zram: sleepable entry locking"
In reply to: Markus Elfring: "Re: [PATCH] tls: Check return value of get_cipher_desc in fill_sg_out"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]