> -----Original Message-----
> From: longpeng
> Sent: Monday, November 06, 2017 2:21 PM
> To: berra...@redhat.com; pbonz...@redhat.com; Gonglei (Arei)
> Cc: longpeng; qemu-devel@nongnu.org
> Subject: [PATCH] crypto: afalg: fix a NULL pointer dereference
>
> Test-crypto-hash calls qcrypto_hash_bytesv/digest/base64 with
> errp=NULL, this will cause a NULL poniter deference if afalg_driver
> doesn't support requested algos:
> ret = qcrypto_hash_afalg_driver.hash_bytesv(alg, iov, niov,
> result, resultlen,
> errp);
> if (ret == 0) {
> return ret;
> }
>
> error_free(*errp); // <--- here
>
> So we must check 'errp & *errp' before dereference.
>
> Signed-off-by: Longpeng(Mike) <longpe...@huawei.com>
> ---
Reported-by: Paolo Bonzini <pbonz...@redhat.com>
Reviewed-by: Gonglei <arei.gong...@huawei.com>
Thanks,
-Gonglei
> crypto/hash.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/crypto/hash.c b/crypto/hash.c
> index ac59c63..c464c78 100644
> --- a/crypto/hash.c
> +++ b/crypto/hash.c
> @@ -60,7 +60,9 @@ int qcrypto_hash_bytesv(QCryptoHashAlgorithm alg,
> * TODO:
> * Maybe we should treat some afalg errors as fatal
> */
> - error_free(*errp);
> + if (errp && *errp) {
> + error_free(*errp);
> + }
> #endif
>
> return qcrypto_hash_lib_driver.hash_bytesv(alg, iov, niov,
> --
> 1.8.3.1
>
