2021-03-23 11:53:23

by Sergei Shtepa

[permalink] [raw]
Subject: [PATCH 0/1] block: fix potential infinite loop in the negative branch in __submit_bio_noacct_mq()

Hi all.

It seems to me that the __submit_bio_noacct_mq() function incorrectly
processes the return code of the blk_crypto_bio_prep() function.

If the blk_crypto_bio_prep() function returns false, it means that
the processing of the bio request was completed with an error and
further processing of the request is unnecessary.

But in the code, in case of an error when executing the
blk_crypto_bio_prep() function, an attempt is made to repeat the
execution of this function. This can lead to an infinite loop.
In addition, since the function __blk_crypto_bio_prep calls bio_endio(),
it is likely to access the freed data or access the null pointer.

At the same time, the implementation of the negative branch of the
blk_crypto_bio_prep() function implemented correctly in the
__submit_bio_noacct() and __submit_bio() functions.

Sergei Shtepa (1):
block: fix potential infinite loop in the negative branch in
__submit_bio_noacct_mq()

block/blk-core.c | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)

--
2.20.1