New commits:

commit 0e67cf45937b7cd8b03c7bee24a3871dbb7618d6
Author: D. Hugh Redelmeier <h...@mimosa.com>
Date: Wed Jun 16 02:47:01 2021 -0400

pluto: get rid of fake_md from aggr_outI1_continue()

Stimulus: Coverity flagged a possible null pointer dereference of fake_md->smc.

I hadn't heard of this crash actually happening. The reason is that the "result" parameter for complete_v1_state_transition would normally be STF_IGNORE and the function would return early with no crash. In theory, STF_INTERNAL_ERROR was possible but probably never happened.

I added a pexpect(e == STF_IGNORE) to aggr_outI1_continue. This should be replaced by appropriate logging. Unfortunately I no longer know how to log.

aggr_outI1_continue's call of complete_v1_state_transition is now hardwired to use STF_IGNORE.

complete_v1_state_transition's passert(md != NULL) was moved to avoid demanding an md when none is needed. (This passert seems silly since all hardware we run on will catch null pointer dereferences.)

At this point, fake_md became useless. And also md's fake_dne field.

I cannot guarantee that Coverity will see that the NULL dereference is eliminated.

_______________________________________________
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit