Fix cred_init() NULL-check (test the credkey result, not the function symbol)#107
Merged
Conversation
cred_init() stored credkey()'s WSA pointer in `key` but then checked the function symbol `credkey` (whose address is never NULL) instead of `key`, so the guard was dead code. A failed WSA allocation (credkey() == NULL) fell through and handed a NULL key to blowfish_key_setup() -> NULL deref at init. Check `key` so the failure returns -1 cleanly, as the message intends. Fixes #106
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
cred_init()storedcredkey()'s WSA pointer inkey, then NULL-checked the function symbolcredkey(its address is never NULL) instead ofkey— the guard was dead code (this is thecredinit.c:8: warning: the address of 'credkey' will always evaluate as 'true').If
credkey()returns NULL (WSA allocation for the Blowfish key failed at init),cred_init()fell through and passed a NULLkeytoblowfish_key_setup()→ NULL deref. The"unable to allocate WSA for BLOWFISH_KEY"message confirms the check was meant to testkey.One-line fix:
if (!credkey)→if (!key).Verified:
make modulescompilescredentials/src/credinit.cwarning-free; all 6 modules link.Fixes #106