On Mon, 3 Aug 2009 11:02:37 -0400 James Smart <James.Smart@xxxxxxxxxx> wrote: > Roel Kluin wrote: > > Check whether index is within bounds before testing the element. > > > > Signed-off-by: Roel Kluin <roel.kluin@xxxxxxxxx> > > --- > > diff --git a/drivers/scsi/lpfc/lpfc_vport.c b/drivers/scsi/lpfc/lpfc_vport.c > > index e0b4992..ade2df6 100644 > > --- a/drivers/scsi/lpfc/lpfc_vport.c > > +++ b/drivers/scsi/lpfc/lpfc_vport.c > > @@ -762,7 +762,7 @@ lpfc_destroy_vport_work_array(struct lpfc_hba *phba, struct lpfc_vport **vports) > > int i; > > if (vports == NULL) > > return; > > - for (i = 0; vports[i] != NULL && i <= phba->max_vports; i++) > > + for (i = 0; i <= phba->max_vports && vports[i] != NULL; i++) > > scsi_host_put(lpfc_shost_from_vport(vports[i])); > > kfree(vports); > > } > > NACK - the vports array is created such that it is sized for > phba->max_vports + 1. (top-posting repaired so that I can feasibly reply to the email, dammit) There's no need to allocate the extra slot in the vports array if we're also retaining its size. I'd suggest that we merge Roel's patch and then reduce the size of vports[]. What prevents the loop in lpfc_create_vport_work_array() from wandering off the end of vports[], btw? -- To unsubscribe from this list: send the line "unsubscribe linux-scsi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
