This is a note to let you know that I've just added the patch titled qlcnic: potential NULL dereference in qlcnic_83xx_get_minidump_template() to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: qlcnic-potential-null-dereference-in-qlcnic_83xx_get_minidump_template.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. >From 5f46feab87bb105d6a217d966b327fdc56696802 Mon Sep 17 00:00:00 2001 From: Dan Carpenter <dan.carpenter@xxxxxxxxxx> Date: Tue, 10 May 2016 22:20:04 +0300 Subject: qlcnic: potential NULL dereference in qlcnic_83xx_get_minidump_template() From: Dan Carpenter <dan.carpenter@xxxxxxxxxx> commit 5f46feab87bb105d6a217d966b327fdc56696802 upstream. If qlcnic_fw_cmd_get_minidump_temp() fails then "fw_dump->tmpl_hdr" is NULL or possibly freed. It can lead to an oops later. Fixes: d01a6d3c8ae1 ('qlcnic: Add support to enable capability to extend minidump for iSCSI') Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx> Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- drivers/net/ethernet/qlogic/qlcnic/qlcnic_minidump.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) --- a/drivers/net/ethernet/qlogic/qlcnic/qlcnic_minidump.c +++ b/drivers/net/ethernet/qlogic/qlcnic/qlcnic_minidump.c @@ -1419,6 +1419,7 @@ void qlcnic_83xx_get_minidump_template(s struct qlcnic_fw_dump *fw_dump = &ahw->fw_dump; struct pci_dev *pdev = adapter->pdev; bool extended = false; + int ret; prev_version = adapter->fw_version; current_version = qlcnic_83xx_get_fw_version(adapter); 
@@ -1429,8 +1430,11 @@ void qlcnic_83xx_get_minidump_template(s if (qlcnic_83xx_md_check_extended_dump_capability(adapter)) extended = !qlcnic_83xx_extend_md_capab(adapter); - if (!qlcnic_fw_cmd_get_minidump_temp(adapter)) - dev_info(&pdev->dev, "Supports FW dump capability\n"); + ret = qlcnic_fw_cmd_get_minidump_temp(adapter); + if (ret) + return; + + dev_info(&pdev->dev, "Supports FW dump capability\n"); /* Once we have minidump template with extended iSCSI dump * capability, update the minidump capture mask to 0x1f as Patches currently in stable-queue which might be from dan.carpenter@xxxxxxxxxx are queue-4.4/net-moxa-fix-an-error-code.patch queue-4.4/cx23885-uninitialized-variable-in-cx23885_av_work_handler.patch queue-4.4/power-ipaq-micro-battery-freeing-the-wrong-variable.patch queue-4.4/i40e-fix-an-uninitialized-variable-bug.patch queue-4.4/mips-rm7000-double-locking-bug-in-rm7k_tc_disable.patch queue-4.4/btrfs-clean-up-an-error-code-in-btrfs_init_space_info.patch queue-4.4/xprtrdma-checking-for-null-instead-of-is_err.patch queue-4.4/asoc-intel-pass-correct-parameter-in-sst_alloc_stream_mrfld.patch queue-4.4/ath9k_htc-check-for-underflow-in-ath9k_htc_rx_msg.patch queue-4.4/qlcnic-use-the-correct-ring-in-qlcnic_83xx_process_rcv_ring_diag.patch queue-4.4/mips-octeon-off-by-one-in-octeon_irq_gpio_map.patch queue-4.4/qede-uninitialized-variable-in-qede_start_xmit.patch queue-4.4/mfd-lp8788-irq-uninitialized-variable-in-irq-handler.patch queue-4.4/nfc-nci-memory-leak-in-nci_core_conn_create.patch queue-4.4/ethernet-micrel-fix-some-error-codes.patch queue-4.4/am437x-vpfe-fix-an-uninitialized-variable-bug.patch queue-4.4/qlcnic-potential-null-dereference-in-qlcnic_83xx_get_minidump_template.patch queue-4.4/bpf-mips-fix-off-by-one-in-ctx-offset-allocation.patch queue-4.4/mdio-sun4i-oops-in-error-handling-in-probe.patch queue-4.4/vfio-platform-reset-fix-a-warning-message-condition.patch queue-4.4/x86-apic-uv-silence-a-shift-wrapping-warning.patch
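Review bot: In the second hunk (@@ -1429,8 +1430,11 @@), the new `if (ret) return;` leaves the function silently, and since qlcnic_83xx_get_minidump_template() returns void, neither the caller nor the log shows that the minidump template fetch failed. Consider a dev_err() or dev_warn() on &pdev->dev before the return, unless qlcnic_fw_cmd_get_minidump_temp() already reports its own failures. Because the value is never propagated, the `int ret;` local added in the first hunk is only used for this one test, so `if (qlcnic_fw_cmd_get_minidump_temp(adapter)) return;` would do the same without it. The commit message says fw_dump->tmpl_hdr may be "NULL or possibly freed" on failure: the early return protects the code that follows in this function, but any other reader of tmpl_hdr needs the pointer to be NULL rather than stale, so it is worth confirming that the failure path in qlcnic_fw_cmd_get_minidump_temp() clears it after freeing.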