Skip to content

Null-Pointer Dereference and Valid Length in serialize_mecha_XXX() #412

New issue
New issue
Open
Open
Null-Pointer Dereference and Valid Length in serialize_mecha_XXX()#412
@saursaur-oss

Description

@saursaur-oss
saursaur-oss
opened on Jan 7, 2026

Original Ticket (closed for reference): #388

It has been observed that there is no handling for scenarios where the pointer is NULL while the length is valid. Generally, a NULL pointer with a valid length is considered an invalid state and may lead to a client application crash during memory operations such as memcpy.

Suggested Approach:
Return a ‘bad parameter’ error when the pointer is NULL but the length is valid. This requires changes in two areas:

serialize_ck_mecha_params mechanism – Handle cases where Uparameter is NULL and UlparameterLen is valid.
serialize function – Validate for NULL data along with a valid length.

By implementing this approach, we can prevent client application crashes and handle the scenario deterministically with an appropriate error condition.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions