[Swan-dev] pluto: get rid of fake_md from aggr_outI1_continue()
Andrew Cagney
andrew.cagney at gmail.com
Wed Jun 16 12:46:56 UTC 2021
nice!
On Wed, 16 Jun 2021 at 03:03, D. Hugh Redelmeier <hugh at vault.libreswan.fi>
wrote:
> New commits:
> commit 0e67cf45937b7cd8b03c7bee24a3871dbb7618d6
> Author: D. Hugh Redelmeier <hugh at mimosa.com>
> Date: Wed Jun 16 02:47:01 2021 -0400
>
> pluto: get rid of fake_md from aggr_outI1_continue()
>
> Stimulus: Coverity flagged a possible null pointer dereference of
> fake_md->smc
>
> I hadn't heard of this crash actually happening. The reason is that
> the "result" parameter for complete_v1_state_transition would normally
> be STF_IGNORE and the function would return early with no crash. In
> theory, STF_INTERNAL_ERROR was possible but probably never happened.
>
> I added a pexpect(e == STF_IGNORE) to aggr_outI1_continue. This
> should be replaced by appropriate logging. Unfortunately I no longer
> know how to log.
>
> aggr_outI1_continue's call of complete_v1_state_transition is now
> hardwired to use STF_IGNORE
>
> complete_v1_state_transition's passert(md != NULL) was moved to avoid
> demanding an md when none is needed. (This passert seems silly since
> all hardware we run on will catch null pointer dereferences.)
>
The log output is more readable.
> At this point, fake_md became useless. And also md's fake_dne field.
>
> I cannot guarantee that Coverity will see that the NULL dereference is
> eliminated.
>
> _______________________________________________
> Swan-commit mailing list
> Swan-commit at lists.libreswan.org
> https://lists.libreswan.org/mailman/listinfo/swan-commit
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan-dev/attachments/20210616/2a2c30b3/attachment.html>
More information about the Swan-dev
mailing list