LinuxLists.cc - [PATCH] cxgb4i : Added pointer check

2022-11-15 10:02:29

Subject: [PATCH] cxgb4i : Added pointer check

Return value of a function 'alloc_wr' is dereferenced at cxgb4i.c:624
without checking for null, but it is usually checked for this function

Signed-off-by: Denis Arefev <[email protected]>
---
drivers/scsi/cxgbi/cxgb4i/cxgb4i.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/drivers/scsi/cxgbi/cxgb4i/cxgb4i.c b/drivers/scsi/cxgbi/cxgb4i/cxgb4i.c
index 2c3491528d42..40ed8e27945c 100644
--- a/drivers/scsi/cxgbi/cxgb4i/cxgb4i.c
+++ b/drivers/scsi/cxgbi/cxgb4i/cxgb4i.c
@@ -611,7 +611,7 @@ static inline int tx_flowc_wr_credits(int *nparamsp, int *flowclenp)

static inline int send_tx_flowc_wr(struct cxgbi_sock *csk)
{
- struct sk_buff *skb;
+ struct sk_buff *skb = NULL;
struct fw_flowc_wr *flowc;
int nparams, flowclen16, flowclen;

@@ -620,6 +620,8 @@ static inline int send_tx_flowc_wr(struct cxgbi_sock *csk)
#endif
flowclen16 = tx_flowc_wr_credits(&nparams, &flowclen);
skb = alloc_wr(flowclen, 0, GFP_ATOMIC);
+ if (!skb)
+ return -ENOMEM;
flowc = (struct fw_flowc_wr *)skb->head;
flowc->op_to_nparams =
htonl(FW_WR_OP_V(FW_FLOWC_WR) | FW_FLOWC_WR_NPARAMS_V(nparams));
--
2.25.1

2022-11-15 17:53:29

by Mike Christie

[permalink] [raw]

Subject: Re: [PATCH] cxgb4i : Added pointer check

On 11/15/22 3:46 AM, Denis Arefev wrote:
> Return value of a function 'alloc_wr' is dereferenced at cxgb4i.c:624
> without checking for null, but it is usually checked for this function
>
> Signed-off-by: Denis Arefev <[email protected]>
> ---
> drivers/scsi/cxgbi/cxgb4i/cxgb4i.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/scsi/cxgbi/cxgb4i/cxgb4i.c b/drivers/scsi/cxgbi/cxgb4i/cxgb4i.c
> index 2c3491528d42..40ed8e27945c 100644
> --- a/drivers/scsi/cxgbi/cxgb4i/cxgb4i.c
> +++ b/drivers/scsi/cxgbi/cxgb4i/cxgb4i.c
> @@ -611,7 +611,7 @@ static inline int tx_flowc_wr_credits(int *nparamsp, int *flowclenp)
>
> static inline int send_tx_flowc_wr(struct cxgbi_sock *csk)
> {
> - struct sk_buff *skb;
> + struct sk_buff *skb = NULL;

You can drop this part since it's set a little lower when we do the alloc.

> struct fw_flowc_wr *flowc;
> int nparams, flowclen16, flowclen;
>
> @@ -620,6 +620,8 @@ static inline int send_tx_flowc_wr(struct cxgbi_sock *csk)
> #endif
> flowclen16 = tx_flowc_wr_credits(&nparams, &flowclen);
> skb = alloc_wr(flowclen, 0, GFP_ATOMIC);
> + if (!skb)
> + return -ENOMEM;

Your tabbing got messed up. Maybe you used a space where you wanted a tab.

> flowc = (struct fw_flowc_wr *)skb->head;
> flowc->op_to_nparams =
> htonl(FW_WR_OP_V(FW_FLOWC_WR) | FW_FLOWC_WR_NPARAMS_V(nparams));