[crypto] Remove redundant null pointer check

Coverity reports a spurious potential null pointer dereference in cms_decrypt(), since the null pointer check takes place after the pointer has already been dereferenced. The pointer can never be null, since it is initialised to point to cipher_null at the point that the containing structure is allocated. Remove the redundant null pointer check, and for symmetry ensure that the digest and public-key algorithm pointers are similarly initialised at the point of allocation. Signed-off-by: Michael Brown <mcb30@ipxe.org>
2026-01-22 12:08:58 +03:00 · 2025-05-14 12:34:27 +01:00
parent d1c1e578af
commit 4d39b2dcc6
1 changed files with 2 additions and 7 deletions
--- a/src/crypto/cms.c
+++ b/src/crypto/cms.c
@@ -450,6 +450,8 @@ static int cms_parse_participants ( struct cms_message *cms,
 		if ( ! part )
 			return -ENOMEM;
 		list_add ( &part->list, &cms->participants );
+		part->digest = &digest_null;
+		part->pubkey = &pubkey_null;

 		/* Allocate certificate chain */
 		part->chain = x509_alloc_chain();
@@ -1046,12 +1048,6 @@ int cms_decrypt ( struct cms_message *cms, struct image *image,
 	int pad_len;
 	int rc;

-	/* Sanity checks */
-	if ( ! cipher ) {
-		rc = -ENOTTY;
-		goto err_no_cipher;
-	}
-
 	/* Check block size */
 	if ( ( image->len & ( cipher->blocksize - 1 ) ) != 0 ) {
 		DBGC ( cms, "CMS %p invalid length %zd\n", cms, image->len );
@@ -1145,6 +1141,5 @@ int cms_decrypt ( struct cms_message *cms, struct image *image,
 	image->flags = original_flags;
 err_cipher:
 err_blocksize:
- err_no_cipher:
 	return rc;
 }