Received: by 2002:ab2:6857:0:b0:1ef:ffd0:ce49 with SMTP id l23csp574356lqp; Thu, 21 Mar 2024 09:13:07 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCVqZA5wPNBFVY4rAnIIB32PETXaLhxQ088BXxJLTs22UvGfEDh3kot81ODSmYMv7oMYO2X/7OpAijysJS5WnK3qROogEbZQc3+xlZgljA== X-Google-Smtp-Source: AGHT+IHom0MdeIRumpE0L0CbQzBhh/iT5vFEtrjvkpuewAOpERccJEhBuvdtZJ4PzxgIqR9/NrCi X-Received: by 2002:ac8:7c4e:0:b0:431:172d:645d with SMTP id o14-20020ac87c4e000000b00431172d645dmr5032215qtv.26.1711037586624; Thu, 21 Mar 2024 09:13:06 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1711037586; cv=pass; d=google.com; s=arc-20160816; b=sAsiIXhMLSrIglrGkjk6kzIrojIRUIe4MfD4928tCiz6F7CTH+2SnQUuwf/p+MO4yQ E3VJ7a2x9MTDXRDgnLwFQL3pb6GuihRBNmX9IBKIC3kykvlOFuqT/XG+OJRB04tIWoWk M0uEiZEq/dpsHULud9LcUL5LggfYdMaZ2JIGnDihXAgvTFk42Owbg215tCmZOYaBPO8U 1bfPIdPeSivDpQUwyzW+AUwNJq0x9K6easJmLit/8nQu9YOcY1gsoZg3VSi5vny4NcbM PFqvNqDjtLKbu2RFlQgm1pJjqx9mCS5yYTHREGJJAkyPhDO6u4UjzC+q1Nugo51gzDul hr9w== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:references:cc:to:from:subject:message-id:date :content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:dkim-signature; bh=Fel4/sG2beXCI5HquUfB1gsdgD+hr63aJ6tGcCHo7yw=; fh=Nh/npHrf6KN7smtFcYdrbn2U97brEnMSDp/NcFtM6g8=; b=fnHFDsX259Tl7ewQ8R7hGu5dmLripJCXHz5RanH6PlUoKTSHKSLQSZmaGQLDkVT8fs qHio9eWDSIjQOB5h42gMC36g6vYmi72u62q1PGmDqKxaIr1sX8o2S2NaEr86nSt+Wi2a 5IP0YjYEl0ytPmMT2LJFx9zQFDrqy6K2pR59Cqr5f3ab4kLmkKcVzXlQC2kUd8xPT45K Yoh7cuvCOnjwHUk+9tRiTcIqCGxlVCqStpplPPumbperGc6UNSpR0TcNxpsCmKukkhKJ a6VejBi+Gk8UEoagpwm6Hlv640J9QErUnA7ehY89BhMfLHCJggZ2LXaEPB6gPcXlg9x7 i0gw==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=TPtqcps1; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-crypto+bounces-2800-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-crypto+bounces-2800-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [147.75.199.223]) by mx.google.com with ESMTPS id d1-20020a05620a166100b007885dd7156esi15665qko.674.2024.03.21.09.13.06 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Mar 2024 09:13:06 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto+bounces-2800-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) client-ip=147.75.199.223; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=TPtqcps1; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-crypto+bounces-2800-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-crypto+bounces-2800-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id F226F1C213F1 for ; Thu, 21 Mar 2024 16:13:05 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 4CE6612BF2C; Thu, 21 Mar 2024 16:13:01 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="TPtqcps1" X-Original-To: linux-crypto@vger.kernel.org Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0180676052; Thu, 21 Mar 2024 16:13:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1711037581; cv=none; b=SXqtk1s8HLUaxWELPJ2dRUvp3GFiTI/alB5u+cH/3vrx3iXTvFixqkfcTLbgpyPzcIQEOXi91GZ+x7eq4CBJJQzc4BlcrQd1AYg2iV/81ipYVa2NuBm2OBh1Bvh3v+Sw/YVzVS0e0ENj5nuAXXTG2ILOzJB0d9COYGHSaLfpgTg= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1711037581; c=relaxed/simple; bh=tUZSPagVnxlSPXiCUxy39X6cj4+GA0/zLIHYPdPCTX8=; h=Mime-Version:Content-Type:Date:Message-Id:Subject:From:To:Cc: References:In-Reply-To; b=ANORgEKY/+10nZl8VmSBYno3T/0yrVpR202igzzWepFhWoQUCZ060sjjFbShGv9CljIo4jrcptf0bHWlicD/o53wdJO6iyfqXFVPpxoX24falhoRaIjk5N50+ZVDUTUJuxct6T5lxzgFePXEF1FUlO7tias0NiSD2hTLDjC50K8= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=TPtqcps1; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id 721D4C433F1; Thu, 21 Mar 2024 16:12:58 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1711037580; bh=tUZSPagVnxlSPXiCUxy39X6cj4+GA0/zLIHYPdPCTX8=; h=Date:Subject:From:To:Cc:References:In-Reply-To:From; b=TPtqcps1MVy2J4Z6DJQPSJv6c7n+WkGgwhEz4ZETzPDJJGTcbsEuiKmuamXzbaQaA upbVqtDp01fHcD5PCDsHkI/FSdq+OF/sB1CaDZ5xasTuOaSz78EzNQ3pWSErBnM21R 5QPODJ4yvanZC+2v0OrX7zeCUQ+2AMM9x72x9ygYzu5B3o1TmJcabEhRxcJbG1FLfS Y9e3JQti6ZVs/1giuyBzkFcu7mEQ9dtmGgRRLe7xTLJ5gm48eGqqTXrnes+SvqP/jZ 7iTrABtAGzFPWnz4/SAfkoiQrsceiSk4MdfWQeersX/GcbAQxqUDNRXIuthnSsA3PL YIwnQTTaJbOqA== Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=UTF-8 Date: Thu, 21 Mar 2024 18:12:56 +0200 Message-Id: Subject: Re: [PATCH] KEYS: prevent NULL pointer dereference in find_asymmetric_key() From: "Jarkko Sakkinen" To: "Roman Smirnov" , "David Howells" , "Herbert Xu" , "David S. Miller" , "Andrew Zaborowski" Cc: "keyrings@vger.kernel.org" , "linux-crypto@vger.kernel.org" , "linux-kernel@vger.kernel.org" , "lvc-project@linuxtesting.org" , "Sergey Shtylyov" X-Mailer: aerc 0.17.0 References: <20240315103320.18754-1-r.smirnov@omp.ru> <7fd0f2a8252d4a6aa295adc1e76bc0e2@omp.ru> In-Reply-To: <7fd0f2a8252d4a6aa295adc1e76bc0e2@omp.ru> On Wed Mar 20, 2024 at 10:21 AM EET, Roman Smirnov wrote: > On Tue, 19 Mar 2024 22:14:22 +0200 Jarkko Sakkinen wrote: > > On Tue Mar 19, 2024 at 4:44 PM EET, Roman Smirnov wrote: > > > On Tue, 19 Mar 2024 01:39:00 +0200 Jarkko Sakkinen wrote: > > > > On Fri Mar 15, 2024 at 12:33 PM EET, Roman Smirnov wrote: > [...] > > > > > > > > > > Found by Linux Verification Center (linuxtesting.org) with Svace. > > > >=20 > > > > I'm not sure if this should be part of the commit message. > > > > > > I have already submitted patches with this line, some have been > > > accepted. It is important for the Linux Verification Center to mark > > > patches as closing issues found with Svace. > > > > > > > > > > > > > Fixes: 7d30198ee24f ("keys: X.509 public key issuer lookup withou= t AKID") > > > > > Suggested-by: Sergey Shtylyov > > > >=20 > > > > Should be reported-by. > > > > > > The suggested-by tag belongs to Sergey because he suggested the fix, > > > subject/description of the patch. The tag reported-by belongs to > > > Svace tool. > > > > 1. I did not see any reported-by tags in this which is requirement. > > 2. Who did find the issue using that tool? I don't put reported-by to > > GDB even if I use that find the bug. > > Svace is an automated bug finding tool. This error was found during > source code analysis by the program, so the tag reported-by does not > belong to any person. I don't know what to do in such a situation, > but write something like: > > Reported-by: Svace > > would be weird. I think that the line "Found by Linux ... with Svace" > could be a substitute for the tag. I'd prefer a person here that used the tool as it is not korg hosted automated tool. BR, Jarkko