Re: [PATCH v3 2/3] target: fix NULL pointer dereference

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





On 6/2/20 6:01 PM, Sudhakar Panneerselvam wrote:
Maybe move this to after target_get_sess_cmd().

I moved it before target_get_sess_cmd() because if target_get_sess_cmd() fails
then we have NULL pointer dereference issue again. For instance, the sequence
   vhost_scsi_submission_work
      target_submit_cmd_map_sgls
        target_get_sess_cmd() -- Suppose this fails
      transport_send_check_condition_and_sense
         trace_target_cmd_complete -- NULL ptr derefence.

Still thinking how to address both these issues together.

Also, noticed that not all callers of target_get_sess_cmd() check for return value.( iscsit_setup_scsi_cmd() and iscsit_handle_task_mgt_cmd()). Could this cause problems?


I think it's ok. iscsi doesn't use target_sess_cmd_list_set_waiting so the only way it fails there is if there is a driver bug.



[Index of Archives]     [Linux SCSI]     [Kernel Newbies]     [Linux SCSI Target Infrastructure]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Linux IIO]     [Device Mapper]

  Powered by Linux