[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <CAG48ez11LLG5nccyfY0DpFoFFXbXkxbB9pZPL81EVkbkWW7EKA@mail.gmail.com>
Date: Mon, 27 Nov 2023 14:10:45 +0100
From: Jann Horn <jannh@...gle.com>
To: David Howells <dhowells@...hat.com>
Cc: Boris Pismenny <borisp@...dia.com>, John Fastabend <john.fastabend@...il.com>,
Jakub Kicinski <kuba@...nel.org>, "David S. Miller" <davem@...emloft.net>, netdev@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH net] tls: fix NULL deref on tls_sw_splice_eof() with empty record
On Mon, Nov 27, 2023 at 10:04 AM David Howells <dhowells@...hat.com> wrote:
> Jann Horn <jannh@...gle.com> wrote:
>
> > + /* same checks as in tls_sw_push_pending_record() */
>
> Wouldn't it be better to say what you're checking rather than referring off to
> another function that might one day disappear or be renamed?
Hm, maybe? My thought was that since this is kind of a special version
of what tls_sw_push_pending_record() does, it's clearer to refer to
sort of the canonical version of these checks. And if that ever
disappears or gets renamed or whatever, and someone misses the
comment, you'll still have git history to look at.
And if, in the future, someone decides to add more checks to
tls_sw_push_pending_record() for whatever reason, commenting it this
way will make it clearer that tls_sw_splice_eof() could potentially
require the same checks.
Powered by blists - more mailing lists