From: Roland Dreier <roland@xxxxxxxxxxxxxxx> Avoid a crash dereferencing a NULL s_id in qla24xx_get_loop_id() when we don't find a session in qla_tgt_exec_sess_work(); we need to have a valid s_id pointer to create a new session. This is based on r3244 in https://scst.svn.sourceforge.net/svnroot/scst/trunk. Signed-off-by: Roland Dreier <roland@xxxxxxxxxxxxxxx> --- drivers/scsi/qla2xxx/qla_target.c | 7 +++++++ 1 files changed, 7 insertions(+), 0 deletions(-) diff --git a/drivers/scsi/qla2xxx/qla_target.c b/drivers/scsi/qla2xxx/qla_target.c index 979b23e..e3a0392 100644 --- a/drivers/scsi/qla2xxx/qla_target.c +++ b/drivers/scsi/qla2xxx/qla_target.c @@ -4718,6 +4718,7 @@ static void qla_tgt_exec_sess_work(struct qla_tgt *tgt, unsigned long flags; uint32_t be_s_id; uint8_t *s_id = NULL; /* to hide compiler warnings */ + uint8_t local_s_id[3]; int rc, loop_id = -1; /* to hide compiler warnings */ DEBUG22(qla_printk(KERN_INFO, ha, "qla_tgt_exec_sess_work() processing -> prm %p\n", prm)); @@ -4746,6 +4747,12 @@ static void qla_tgt_exec_sess_work(struct qla_tgt *tgt, sess = ha->qla2x_tmpl->find_sess_by_s_id(vha, (unsigned char *)&be_s_id); + if (!sess) { + s_id = local_s_id; + s_id[0] = prm->abts.fcp_hdr_le.s_id[2]; + s_id[1] = prm->abts.fcp_hdr_le.s_id[1]; + s_id[2] = prm->abts.fcp_hdr_le.s_id[0]; + } goto after_find; } else loop_id = GET_TARGET_ID(ha, &prm->tm_iocb); -- 1.7.5.4
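Review bot: In the first hunk (@@ -4718), the context line "uint8_t *s_id = NULL; /* to hide compiler warnings */" is left as it is, and that initializer is what allowed a never-assigned s_id to reach qla24xx_get_loop_id() as a silent NULL rather than a compiler warning. With local_s_id[3] added right below it, consider updating that comment to say NULL now means "no S_ID available", and adding an explicit check after the after_find label that refuses to create a session when sess and s_id are both NULL, so any other path that jumps there without setting s_id fails cleanly instead of crashing. The bare 3 in local_s_id[3] would also read better tied to the size of the source field, for example sizeof(prm->abts.fcp_hdr_le.s_id).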
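Review bot: In the second hunk (@@ -4746), the three assignments inside the new "if (!sess)" block reverse the bytes of prm->abts.fcp_hdr_le.s_id by hand with no comment on why the order is swapped. A one-line comment stating the byte order that the session-creation path expects, compared with the little-endian layout implied by the fcp_hdr_le name, would make this checkable. The lookup just above already passes be_s_id to find_sess_by_s_id(); if that variable holds the same three bytes in the same order, reusing it, or putting the reversal in a small helper shared by both uses, would keep the two copies from drifting apart.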