2019-10-10 04:48:51

by Yizhuo Zhai

[permalink] [raw]
Subject: Potential NULL pointer deference in RDMA

Hi All:
drivers/infiniband/sw/rxe/rxe_verbs.c:
The function to_rdev() could return NULL, but no caller in this file
checks the return value but directly dereference them, which seems
potentially unsafe. Callers include rxe_query_device(),
rxe_query_port(), rxe_query_pkey(), etc.


--
Kind Regards,

Yizhuo Zhai

Computer Science, Graduate Student
University of California, Riverside


2019-10-10 06:51:57

by Leon Romanovsky

[permalink] [raw]
Subject: Re: Potential NULL pointer deference in RDMA

On Wed, Oct 09, 2019 at 09:44:58PM -0700, Yizhuo Zhai wrote:
> Hi All:
> drivers/infiniband/sw/rxe/rxe_verbs.c:
> The function to_rdev() could return NULL, but no caller in this file
> checks the return value but directly dereference them, which seems
> potentially unsafe. Callers include rxe_query_device(),
> rxe_query_port(), rxe_query_pkey(), etc.


All NULL returns in to_r*() function are useless and can be removed.

Thanks
>
>
> --
> Kind Regards,
>
> Yizhuo Zhai
>
> Computer Science, Graduate Student
> University of California, Riverside