On 2017/11/7 1:18, Stefan Hajnoczi wrote:
> On Mon, Nov 06, 2017 at 02:21:11PM +0800, Longpeng(Mike) wrote:
>> Test-crypto-hash calls qcrypto_hash_bytesv/digest/base64 with
>> errp=NULL, this will cause a NULL poniter deference if afalg_driver
>> doesn't support requested algos:
>> ret = qcrypto_hash_afalg_driver.hash_bytesv(alg, iov, niov,
>> result, resultlen,
>> errp);
>> if (ret == 0) {
>> return ret;
>> }
>>
>> error_free(*errp); // <--- here
>>
>> So we must check 'errp & *errp' before dereference.
>
> Only errp needs to be checked. It's okay to invoke error_free(NULL):
>
> void error_free(Error *err)
> {
> if (err) {
Ah yes, thanks for your note :)
I'll pick another approach to fix this bug.
--
Regards,
Longpeng(Mike)
