Skip to content

Add missing null check for SlhDsa's constructor #115944

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
May 24, 2025
Merged

Add missing null check for SlhDsa's constructor #115944

merged 2 commits into from
May 24, 2025

Conversation

vcsjones
Copy link
Member

A type that is derived from SlhDsa could pass null in to the algorithm parameter. This adds a null check and a test to prevent it. This makes SlhDsa consistent with MLKem and MLDsa's constructor checks.

@vcsjones vcsjones self-assigned this May 23, 2025
@Copilot Copilot AI review requested due to automatic review settings May 23, 2025 15:00
@vcsjones vcsjones added this to the 10.0.0 milestone May 23, 2025
@dotnet-policy-service Dotnet Policy Service
Copy link
Contributor

Tagging subscribers to this area: @dotnet/area-system-security, @bartonjs, @vcsjones
See info in area-owners.md if you want to be subscribed.

Copilot
Copilot AI reviewed May 23, 2025
View reviewed changes
Copy link
Contributor

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR adds a null check to the SlhDsa constructor and introduces a corresponding unit test to ensure passing null for the algorithm parameter throws ArgumentNullException.

  • Added ArgumentNullException.ThrowIfNull(algorithm) to the SlhDsa constructor for null guarding.
  • Created a new [Fact] in SlhDsaContractTests to validate that the constructor throws when given null.

Reviewed Changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

File Description
src/libraries/Common/src/System/Security/Cryptography/SlhDsa.cs Added null-check in protected constructor
src/libraries/Common/tests/.../SlhDsaContractTests.cs Added test ArgumentValidation_Ctor_NullAlgorithm
Comments suppressed due to low confidence (2)

src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/SlhDsa/SlhDsaContractTests.cs:54

  • [nitpick] The test method name is slightly inconsistent with the existing naming pattern (NullArgumentValidation). Consider renaming it to NullArgumentValidation_Ctor_NullAlgorithm for consistency with other argument validation tests.
public static void ArgumentValidation_Ctor_NullAlgorithm()

src/libraries/Common/src/System/Security/Cryptography/SlhDsa.cs:58

  • Consider updating the XML doc comment for this constructor to include an <exception> tag documenting that passing a null algorithm throws ArgumentNullException.
ArgumentNullException.ThrowIfNull(algorithm);

@build-analysis build-analysis bot mentioned this pull request May 24, 2025
Open
3 tasks
@vcsjones vcsjones enabled auto-merge (squash) May 24, 2025 02:15
@vcsjones
Copy link
Member Author

/ba-g Android leg timed out and is tracked in #115955

@vcsjones vcsjones merged commit 2b0c8c3 into dotnet:main May 24, 2025
83 of 85 checks passed
@vcsjones vcsjones deleted the slhdsa-null-arg-ctor-check branch May 24, 2025 18:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot

@PranavSenthilnathan PranavSenthilnathan

Assignees

@vcsjones vcsjones

Labels
area-System.Security
Projects
None yet
Milestone
10.0.0
Development

Successfully merging this pull request may close these issues.
2 participants
@vcsjones @PranavSenthilnathan