@@ -191,6 +191,11 @@ static int cryptodev_backend_account(CryptoDevBackend *backend,
if (algtype == QCRYPTODEV_BACKEND_ALG_ASYM) {
CryptoDevBackendAsymOpInfo *asym_op_info = op_info->u.asym_op_info;
len = asym_op_info->src_len;
+
+ if (unlikely(!backend->asym_stat)) {
+ error_report("cryptodev: Unexpected asym operation");
+ return -VIRTIO_CRYPTO_NOTSUPP;
+ }
switch (op_info->op_code) {
case VIRTIO_CRYPTO_AKCIPHER_ENCRYPT:
CryptodevAsymStatIncEncrypt(backend, len);
@@ -210,6 +215,11 @@ static int cryptodev_backend_account(CryptoDevBackend *backend,
} else if (algtype == QCRYPTODEV_BACKEND_ALG_SYM) {
CryptoDevBackendSymOpInfo *sym_op_info = op_info->u.sym_op_info;
len = sym_op_info->src_len;
+
+ if (unlikely(!backend->sym_stat)) {
+ error_report("cryptodev: Unexpected sym operation");
+ return -VIRTIO_CRYPTO_NOTSUPP;
+ }
switch (op_info->op_code) {
case VIRTIO_CRYPTO_CIPHER_ENCRYPT:
CryptodevSymStatIncEncrypt(backend, len);
Generally guest side should discover which services the device is able to offer, then do requests on device. However it's also possible to break this rule in a guest. Handle unexpected request here to avoid NULL pointer dereference. Fixes: e7a775fd ('cryptodev: Account statistics') Cc: Gonglei <arei.gonglei@huawei.com> Cc: Mauro Matteo Cascella <mcascell@redhat.com> Cc: Xiao Lei <nop.leixiao@gmail.com> Cc: Yongkang Jia <kangel@zju.edu.cn> Reported-by: Yiming Tao <taoym@zju.edu.cn> Signed-off-by: zhenwei pi <pizhenwei@bytedance.com> --- backends/cryptodev.c | 10 ++++++++++ 1 file changed, 10 insertions(+)