On Fri, Feb 23, 2018 at 10:06:16AM +0100, SF Markus Elfring wrote: > > Calling crypto_free_shash(NULL) is actually fine. > > Really? > > > > It doesn't dereference the parameter, it just does pointer math on it in > > crypto_shash_tfm() and returns if it's NULL in crypto_destroy_tfm(). > > Can a passed null pointer really work in this function? > > https://elixir.bootlin.com/linux/v4.16-rc2/source/include/crypto/hash.h#L684 > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/include/crypto/hash.h?id=0f9da844d87796ac31b04e81ee95e155e9043132#n751 > > static inline struct crypto_tfm *crypto_shash_tfm(struct crypto_shash *tfm) > { > return &tfm->base; > } Yes. It's not a dereference, it's just doing pointer math to get the address. regards, dan carpenter
