2019-03-14 06:32:12

by Kangjie Lu

[permalink] [raw]
Subject: [PATCH] scsi: qla4xxx: fix a potential NULL pointer dereference

In case iscsi_lookup_endpoint fails, the fix returns -EINVAL to
avoid NULL pointer dereference.

Signed-off-by: Kangjie Lu <[email protected]>
---
drivers/scsi/qla4xxx/ql4_os.c | 2 ++
1 file changed, 2 insertions(+)

diff --git a/drivers/scsi/qla4xxx/ql4_os.c b/drivers/scsi/qla4xxx/ql4_os.c
index a77bfb224248..80289c885c07 100644
--- a/drivers/scsi/qla4xxx/ql4_os.c
+++ b/drivers/scsi/qla4xxx/ql4_os.c
@@ -3203,6 +3203,8 @@ static int qla4xxx_conn_bind(struct iscsi_cls_session *cls_session,
if (iscsi_conn_bind(cls_session, cls_conn, is_leading))
return -EINVAL;
ep = iscsi_lookup_endpoint(transport_fd);
+ if (!ep)
+ return -EINVAL;
conn = cls_conn->dd_data;
qla_conn = conn->dd_data;
qla_conn->qla_ep = ep->dd_data;
--
2.17.1



2019-03-23 22:42:46

by Aditya Pakki

[permalink] [raw]
Subject: Re: [PATCH] scsi: qla4xxx: fix a potential NULL pointer dereference


On 3/14/19 1:30 AM, Kangjie Lu wrote:
> In case iscsi_lookup_endpoint fails, the fix returns -EINVAL to
> avoid NULL pointer dereference.
>
> Signed-off-by: Kangjie Lu <[email protected]>
> ---
> drivers/scsi/qla4xxx/ql4_os.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/drivers/scsi/qla4xxx/ql4_os.c b/drivers/scsi/qla4xxx/ql4_os.c
> index a77bfb224248..80289c885c07 100644
> --- a/drivers/scsi/qla4xxx/ql4_os.c
> +++ b/drivers/scsi/qla4xxx/ql4_os.c
> @@ -3203,6 +3203,8 @@ static int qla4xxx_conn_bind(struct iscsi_cls_session *cls_session,
> if (iscsi_conn_bind(cls_session, cls_conn, is_leading))
> return -EINVAL;
> ep = iscsi_lookup_endpoint(transport_fd);
> + if (!ep)
> + return -EINVAL;
> conn = cls_conn->dd_data;
> qla_conn = conn->dd_data;
> qla_conn->qla_ep = ep->dd_data;
Gentle reminder, could someone please review this ?

2019-03-25 06:26:18

by Manish Rangankar

[permalink] [raw]
Subject: RE: [PATCH] scsi: qla4xxx: fix a potential NULL pointer dereference

> -----Original Message-----
> From: [email protected] <linux-scsi-
> [email protected]> On Behalf Of Kangjie Lu
> Sent: Thursday, March 14, 2019 12:01 PM
> To: [email protected]
> Cc: [email protected]; [email protected]; James E.J.
> Bottomley <[email protected]>; Martin K. Petersen
> <[email protected]>; [email protected]; linux-
> [email protected]
> Subject: [PATCH] scsi: qla4xxx: fix a potential NULL pointer dereference
>
> In case iscsi_lookup_endpoint fails, the fix returns -EINVAL to avoid NULL
> pointer dereference.
>
> Signed-off-by: Kangjie Lu <[email protected]>
> ---
> drivers/scsi/qla4xxx/ql4_os.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/drivers/scsi/qla4xxx/ql4_os.c b/drivers/scsi/qla4xxx/ql4_os.c
> index a77bfb224248..80289c885c07 100644
> --- a/drivers/scsi/qla4xxx/ql4_os.c
> +++ b/drivers/scsi/qla4xxx/ql4_os.c
> @@ -3203,6 +3203,8 @@ static int qla4xxx_conn_bind(struct
> iscsi_cls_session *cls_session,
> if (iscsi_conn_bind(cls_session, cls_conn, is_leading))
> return -EINVAL;
> ep = iscsi_lookup_endpoint(transport_fd);
> + if (!ep)
> + return -EINVAL;
> conn = cls_conn->dd_data;
> qla_conn = conn->dd_data;
> qla_conn->qla_ep = ep->dd_data;
> --
> 2.17.1

Thanks
Acked-by: Manish Rangankar <[email protected]>


2019-03-26 02:27:29

by Martin K. Petersen

[permalink] [raw]
Subject: Re: [PATCH] scsi: qla4xxx: fix a potential NULL pointer dereference


Kangjie,

> In case iscsi_lookup_endpoint fails, the fix returns -EINVAL to avoid
> NULL pointer dereference.

Applied to 5.1/scsi-fixes, thanks.

--
Martin K. Petersen Oracle Linux Engineering