The patch titled
qla2xxx: fix NULL ptr deref bug in fail path during queue create
has been added to the -mm tree. Its filename is
qla2xxx-fix-null-ptr-dereference-in-fail-path-in-queue-create-code-update.patch
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/SubmitChecklist when testing your code ***
See http://userweb.kernel.org/~akpm/stuff/added-to-mm.txt to find
out what to do about this
The current -mm tree may be found at http://userweb.kernel.org/~akpm/mmotm/
------------------------------------------------------
Subject: qla2xxx: fix NULL ptr deref bug in fail path during queue create
From: Anirban Chakraborty <anirban.chakraborty@xxxxxxxxxx>
Current code attempts to clean up resources when queue create fails and there it
invokes queue free call with a (NULL) pointer to the queue which could not be
allocated in the first place. Fix it by returning directly without invoking the
queue free call as no resources has been allocated at that point of time.
Reported-by: Jiri Slaby <jirislaby@xxxxxxxxx>
Signed-off-by: Anirban Chakraborty <anirban.chakraborty@xxxxxxxxxx>
Cc: Andrew Vasquez <andrew.vasquez@xxxxxxxxxx>
Cc: James Bottomley <James.Bottomley@xxxxxxxxxxxxxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
---
drivers/scsi/qla2xxx/qla_mid.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff -puN drivers/scsi/qla2xxx/qla_mid.c~qla2xxx-fix-null-ptr-dereference-in-fail-path-in-queue-create-code-update drivers/scsi/qla2xxx/qla_mid.c
--- a/drivers/scsi/qla2xxx/qla_mid.c~qla2xxx-fix-null-ptr-dereference-in-fail-path-in-queue-create-code-update
+++ a/drivers/scsi/qla2xxx/qla_mid.c
@@ -568,7 +568,7 @@ qla25xx_create_req_que(struct qla_hw_dat
if (req == NULL) {
qla_printk(KERN_WARNING, ha, "could not allocate memory"
"for request que\n");
- return 0;
+ goto failed;
}
req->length = REQUEST_ENTRY_CNT_24XX;
@@ -632,6 +632,7 @@ qla25xx_create_req_que(struct qla_hw_dat
que_failed:
qla25xx_free_req_que(base_vha, req);
+failed:
return 0;
}
@@ -659,7 +660,7 @@ qla25xx_create_rsp_que(struct qla_hw_dat
if (rsp == NULL) {
qla_printk(KERN_WARNING, ha, "could not allocate memory for"
" response que\n");
- return 0;
+ goto failed;
}
rsp->length = RESPONSE_ENTRY_CNT_MQ;
@@ -728,6 +729,7 @@ qla25xx_create_rsp_que(struct qla_hw_dat
que_failed:
qla25xx_free_rsp_que(base_vha, rsp);
+failed:
return 0;
}
_
Patches currently in -mm which might be from anirban.chakraborty@xxxxxxxxxx are
qla2xxx-fix-null-ptr-dereference-in-fail-path-in-queue-create-code.patch
qla2xxx-fix-null-ptr-dereference-in-fail-path-in-queue-create-code-update.patch
--
To unsubscribe from this list: send the line "unsubscribe mm-commits" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
