Commit 05774d7e authored Oct 22, 2025 by Eric Biggers Committed by Jakub Kicinski Oct 23, 2025

tcp: Remove unnecessary null check in tcp_inbound_md5_hash()

The 'if (!key && hash_location)' check in tcp_inbound_md5_hash() implies
that hash_location might be null.  However, later code in the function
dereferences hash_location anyway, without checking for null first.
Fortunately, there is no real bug, since tcp_inbound_md5_hash() is
called only with non-null values of hash_location.

Therefore, remove the unnecessary and misleading null check of
hash_location.  This silences a Smatch static checker warning
(https://lore.kernel.org/netdev/aPi4b6aWBbBR52P1@stanley.mountain/

)

Also fix the related comment at the beginning of the function.

Signed-off-by: Eric Biggers <ebiggers@kernel.org>
Reviewed-by: Kuniyuki Iwashima <kuniyu@google.com>
Reviewed-by: Dmitry Safonov <0x7f454c46@gmail.com>
Link: https://patch.msgid.link/20251022221209.19716-1-ebiggers@kernel.org


Signed-off-by: Jakub Kicinski <kuba@kernel.org>

parent 9ff86092

net/ipv4/tcp.c

+4 −6

Original line number	Diff line number	Diff line
		@@ -4886,18 +4886,16 @@ tcp_inbound_md5_hash(const struct sock sk, const struct sk_buff skb,
		int family, int l3index, const __u8 *hash_location)
		{
		/* This gets called for each TCP segment that has TCP-MD5 option.
		* We have 3 drop cases:
		* o No MD5 hash and one expected.
		* o MD5 hash and we're not expecting one.
		* o MD5 hash and its wrong.
		* We have 2 drop cases:
		* o An MD5 signature is present, but we're not expecting one.
		* o The MD5 signature is wrong.
		*/
		const struct tcp_sock *tp = tcp_sk(sk);
		struct tcp_md5sig_key *key;
		u8 newhash[16];

		key = tcp_md5_do_lookup(sk, l3index, saddr, family);

		if (!key && hash_location) {
		if (!key) {
		NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED);
		trace_tcp_hash_md5_unexpected(sk, skb);
		return SKB_DROP_REASON_TCP_MD5UNEXPECTED;