From 0a4805bf943be5b573b0560ecfcc88ff9999fd95 Mon Sep 17 00:00:00 2001
From: Michael Brown <mcb30@ipxe.org>
Date: Tue, 29 Sep 2015 01:24:36 +0100
Subject: [PATCH] [peerdist] Avoid NULL pointer dereference for plaintext
 blocks

Avoid accidentally dereferencing a NULL cipher context pointer for
plaintext blocks (which are usually messages with a block length of
zero, indicating a missing block).

Signed-off-by: Michael Brown <mcb30@ipxe.org>
---
 src/net/peerblk.c | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)

diff --git a/src/net/peerblk.c b/src/net/peerblk.c
index fd7ea089..9fd52b73 100644
--- a/src/net/peerblk.c
+++ b/src/net/peerblk.c
@@ -700,17 +700,20 @@ static int peerblk_parse_header ( struct peerdist_block *peerblk ) {
 		return -EPROTO;
 	}
 
-	/* Allocate cipher context.  Freeing the cipher context (on
-	 * error or otherwise) is handled by peerblk_reset().
+	/* Allocate cipher context, if applicable.  Freeing the cipher
+	 * context (on error or otherwise) is handled by peerblk_reset().
 	 */
 	peerblk->cipher = cipher;
 	assert ( peerblk->cipherctx == NULL );
-	peerblk->cipherctx = malloc ( cipher->ctxsize );
-	if ( ! peerblk->cipherctx )
-		return -ENOMEM;
+	if ( cipher ) {
+		peerblk->cipherctx = malloc ( cipher->ctxsize );
+		if ( ! peerblk->cipherctx )
+			return -ENOMEM;
+	}
 
-	/* Initialise cipher */
-	if ( ( rc = cipher_setkey ( cipher, peerblk->cipherctx, peerblk->secret,
+	/* Initialise cipher, if applicable */
+	if ( cipher &&
+	     ( rc = cipher_setkey ( cipher, peerblk->cipherctx, peerblk->secret,
 				    keylen ) ) != 0 ) {
 		DBGC ( peerblk, "PEERBLK %p %d.%d could not set key: %s\n",
 		       peerblk, peerblk->segment, peerblk->block,