This is a note to let you know that I've just added the patch titled
qlcnic: fix unchecked return value
to the 4.4-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
qlcnic-fix-unchecked-return-value.patch
and it can be found in the queue-4.4 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From foo@baz Thu Mar 22 14:57:32 CET 2018
From: Pan Bian <bianpan2016@xxxxxxx>
Date: Sun, 23 Apr 2017 20:04:04 +0800
Subject: qlcnic: fix unchecked return value
From: Pan Bian <bianpan2016@xxxxxxx>
[ Upstream commit 91ec701a553cb3de470fd471c6fefe3ad1125455 ]
Function pci_find_ext_capability() may return 0, which is an invalid
address. In function qlcnic_sriov_virtid_fn(), its return value is used
without validation. This may result in invalid memory access bugs. This
patch fixes the bug.
Signed-off-by: Pan Bian <bianpan2016@xxxxxxx>
Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx>
Signed-off-by: Sasha Levin <alexander.levin@xxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
drivers/net/ethernet/qlogic/qlcnic/qlcnic_sriov_common.c | 2 ++
1 file changed, 2 insertions(+)
--- a/drivers/net/ethernet/qlogic/qlcnic/qlcnic_sriov_common.c
+++ b/drivers/net/ethernet/qlogic/qlcnic/qlcnic_sriov_common.c
@@ -127,6 +127,8 @@ static int qlcnic_sriov_virtid_fn(struct
return 0;
pos = pci_find_ext_capability(dev, PCI_EXT_CAP_ID_SRIOV);
+ if (!pos)
+ return 0;
pci_read_config_word(dev, pos + PCI_SRIOV_VF_OFFSET, &offset);
pci_read_config_word(dev, pos + PCI_SRIOV_VF_STRIDE, &stride);
Patches currently in stable-queue which might be from bianpan2016@xxxxxxx are
queue-4.4/mt7601u-check-return-value-of-alloc_skb.patch
queue-4.4/rndis_wlan-add-return-value-validation.patch
queue-4.4/staging-wilc1000-fix-unchecked-return-value.patch
queue-4.4/qlcnic-fix-unchecked-return-value.patch
queue-4.4/wan-pc300too-abort-path-on-failure.patch