if_info is a local variable that is passed to beiscsi_if_get_info. In
case of failure, the variable is free'd but not reset to NULL. The patch
avoids security issue by passing NULL to if_info.
Signed-off-by: Aditya Pakki <[email protected]>
---
drivers/scsi/be2iscsi/be_iscsi.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/drivers/scsi/be2iscsi/be_iscsi.c b/drivers/scsi/be2iscsi/be_iscsi.c
index a13c203ef7a9..1ff9d2a2a876 100644
--- a/drivers/scsi/be2iscsi/be_iscsi.c
+++ b/drivers/scsi/be2iscsi/be_iscsi.c
@@ -274,11 +274,13 @@ void beiscsi_iface_create_default(struct beiscsi_hba *phba)
if (!beiscsi_if_get_info(phba, BEISCSI_IP_TYPE_V4, &if_info)) {
beiscsi_iface_create_ipv4(phba);
kfree(if_info);
+ if_info = NULL;
}
if (!beiscsi_if_get_info(phba, BEISCSI_IP_TYPE_V6, &if_info)) {
beiscsi_iface_create_ipv6(phba);
kfree(if_info);
+ if_info = NULL;
}
}
--
2.25.1
On Tue, Apr 06, 2021 at 07:24:45PM -0500, Aditya Pakki wrote:
> if_info is a local variable that is passed to beiscsi_if_get_info. In
> case of failure, the variable is free'd but not reset to NULL. The patch
> avoids security issue by passing NULL to if_info.
That is just not true at all.
Stop submitting patches that you know are invalid. Your experiment is
not ethical, and not welcome or appreciated.
greg k-h