Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S934922AbbEPHkP (ORCPT <rfc822;w@1wt.eu>);
	Sat, 16 May 2015 03:40:15 -0400
Received: from linuxhacker.ru ([217.76.32.60]:60213 "EHLO fiona.linuxhacker.ru"
	rhost-flags-OK-FAIL-OK-OK) by vger.kernel.org with ESMTP
	id S1753952AbbEPHjH (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
	Sat, 16 May 2015 03:39:07 -0400
From: green@linuxhacker.ru
To: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        devel@driverdev.osuosl.org, Andreas Dilger <andreas.dilger@intel.com>
Cc: Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        Oleg Drokin <green@linuxhacker.ru>,
        Sebastien Buisson <sebastien.buisson@bull.net>
Subject: [PATCH 3/4] staging/lustre/ptlrpc: Fix potential NULL pointer dereference
Date: Sat, 16 May 2015 03:38:33 -0400
Message-Id: <1431761914-20677-4-git-send-email-green@linuxhacker.ru>
X-Mailer: git-send-email 2.1.0
In-Reply-To: <1431761914-20677-1-git-send-email-green@linuxhacker.ru>
References: <1431761914-20677-1-git-send-email-green@linuxhacker.ru>
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1915
Lines: 51

From: Oleg Drokin <green@linuxhacker.ru>

In lov_unpackmd() there's this strange bit of code where we first try
to look inside of lmm striping pattern for it's type, and then
we check if the pattern is NULL which cannot be right.
Move the check under if (lmm) branch so that it's safe.

Found by Coverity version 6.6.1

Signed-off-by: Sebastien Buisson <sebastien.buisson@bull.net>
Reviewed-on: http://review.whamcloud.com/7827
Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-4049
Reviewed-by: John L. Hammond <john.hammond@intel.com>
Reviewed-by: jacques-Charles Lafoucriere <jacques-charles.lafoucriere@cea.fr>
Signed-off: Oleg Drokin <oleg.drokin@intel.com>
---
 drivers/staging/lustre/lustre/lov/lov_pack.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/drivers/staging/lustre/lustre/lov/lov_pack.c b/drivers/staging/lustre/lustre/lov/lov_pack.c
index 5356d53..92b9ffe 100644
--- a/drivers/staging/lustre/lustre/lov/lov_pack.c
+++ b/drivers/staging/lustre/lustre/lov/lov_pack.c
@@ -367,9 +367,11 @@ int lov_unpackmd(struct obd_export *exp,  struct lov_stripe_md **lsmp,
 		if (rc)
 			return rc;
 		magic = le32_to_cpu(lmm->lmm_magic);
+		pattern = le32_to_cpu(lmm->lmm_pattern);
 	} else {
 		magic = LOV_MAGIC;
 		stripe_count = lov_get_stripecnt(lov, magic, 0);
+		pattern = LOV_PATTERN_RAID0;
 	}
 
 	/* If we aren't passed an lsmp struct, we just want the size */
@@ -384,7 +386,6 @@ int lov_unpackmd(struct obd_export *exp,  struct lov_stripe_md **lsmp,
 		return 0;
 	}
 
-	pattern = le32_to_cpu(lmm->lmm_pattern);
 	lsm_size = lov_alloc_memmd(lsmp, stripe_count, pattern, magic);
 	if (lsm_size < 0)
 		return lsm_size;
-- 
2.1.0

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/