Received: by 2002:ac0:bc90:0:0:0:0:0 with SMTP id a16csp1079918img; Mon, 18 Mar 2019 23:15:30 -0700 (PDT) X-Google-Smtp-Source: APXvYqxU7Syy+eHIuJh3sTmwVY0R7XivkKDTnYky3v8DBZXH0yApTZmdTeAp1MZ7tQ5re4w0wARU X-Received: by 2002:a17:902:24:: with SMTP id 33mr320908pla.259.1552976130013; Mon, 18 Mar 2019 23:15:30 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1552976130; cv=none; d=google.com; s=arc-20160816; b=JJMfYlY44/toSw9dq7gPuxIqGVo7vT23NzP5UcIdgcVFTQVuQ6c3DNafrZAkTFAUq4 okeAA49KIl2lZawmHLB+p39iVLAxuchd0qNEE84Pkd8bS/416apB4yPVtGhDvxhgSws9 YtJ3eJbaJTUcxD2sx6gKiGLgVbejUylY+qL3LHErMUNbQ9DwvDJGx1HQBkvn7d1HF2FY TRJdFn/lOTHtzIkBHX3EYACL9OqygxFhK6eCjyL0GLfnsRmv5Pn7J6ZYiwtO63oJMCmq R4RdwrxbJ51lro4D00zWt464zYbwgjijbaZ2OxFZc7t7oqf3dz32i+bqy/a/rCO7Wkj4 2NWQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:message-id:subject:cc:to:from:date :dkim-signature; bh=ct25yoTvL1XSWg089mRfObGZi8sgVBZ1jfD8duXMusY=; b=KZ2qpu9arJtbVrgy91kA67COJDB1O2aCv16xFgiuvqpMLNHF/YY+I85/UEgeRvAOcb 9mVmmPz3PhcaroTKd0z4or2wtjhFLzQkDPnY0ly6wEeief97oUYidYKcLAN37yAs9U2k fwrM6g2dyIESdujnqIJBe8IoHDNNR5Jv/rsv2h+7VF8WXukQ9os5vIg+SJBtKop/4qKs f5bgMNynKhAhkInMgYn6J5ggYq7vxm6ETTlW7/dki7z6TDjUbceUVHliYD7yQh1Flcr/ uemsaGEzsrKu8dn/sRH/Qh4ghfzfSoMe7vGwAq5y0w1q1gE4XR8qSl8TDbRIGIe/lnxX 0xwg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b="j/DhXWCI"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id i11si10482642pgs.85.2019.03.18.23.15.14; Mon, 18 Mar 2019 23:15:29 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b="j/DhXWCI"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726872AbfCSGOi (ORCPT + 99 others); Tue, 19 Mar 2019 02:14:38 -0400 Received: from mail.kernel.org ([198.145.29.99]:45494 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725988AbfCSGOh (ORCPT ); Tue, 19 Mar 2019 02:14:37 -0400 Received: from localhost (unknown [77.138.135.184]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id A0AA920854; Tue, 19 Mar 2019 06:14:36 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1552976077; bh=5sbE827tg+ZWwofJp/qDuF8JZfq7umv1xRsacUOjDhQ=; h=Date:From:To:Cc:Subject:In-Reply-To:From; b=j/DhXWCI7q3IbKRzEEHEqO/9VfcOnpCG2j7OqMz58C0n2CuQNtzG9krwC5hjwaP/O Ghzt/oTxfWBz4BK+KDWu5kQSi4YBZKwwZVotAQWks1OPQ2oTVy0njrSTAEn0bkxBOg ai154EjiHSAqs8Q68DmMSScLEdevhe5tRwySd7vM= Date: Tue, 19 Mar 2019 08:14:31 +0200 From: Leon Romanovsky To: Aditya Pakki , Boris Pismeny , Saeed Mahameed Cc: kjlu@umn.edu, "David S. Miller" , Wei Yongjun , netdev@vger.kernel.org, linux-rdma@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH] net: mlx5: Add a missing check on idr_find Message-ID: <20190319061431.GL4823@mtr-leonro.mtl.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="FoLtEtfbNGMjfgrs" Content-Disposition: inline In-Reply-To: <20190318221924.7034-1-pakki001@umn.edu> User-Agent: Mutt/1.11.3 (2019-02-01) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --FoLtEtfbNGMjfgrs Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Mon, Mar 18, 2019 at 05:18:51PM -0500, Aditya Pakki wrote: > idr_find() can return a NULL value to 'flow' which is used without a check. > The patch adds a check to avoid potential NULL pointer dereference. > > Signed-off-by: Aditya Pakki > --- > drivers/net/ethernet/mellanox/mlx5/core/fpga/tls.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/drivers/net/ethernet/mellanox/mlx5/core/fpga/tls.c b/drivers/net/ethernet/mellanox/mlx5/core/fpga/tls.c > index 5cf5f2a9d51f..3df468acdffc 100644 > --- a/drivers/net/ethernet/mellanox/mlx5/core/fpga/tls.c > +++ b/drivers/net/ethernet/mellanox/mlx5/core/fpga/tls.c > @@ -226,6 +226,8 @@ int mlx5_fpga_tls_resync_rx(struct mlx5_core_dev *mdev, u32 handle, u32 seq, > rcu_read_lock(); > flow = idr_find(&mdev->fpga->tls->rx_idr, ntohl(handle)); > rcu_read_unlock(); > + if (!flow) > + return -EINVAL; It is wrong and whole function is wrong too. In such case, you will leak "buf" allocated above. The function mlx5_fpga_sbu_conn_sendmsg() which is used below can fail and it will leave "buf" unfreed too. Thanks > mlx5_fpga_tls_flow_to_cmd(flow, cmd); > > MLX5_SET(tls_cmd, cmd, swid, ntohl(handle)); > -- > 2.17.1 > --FoLtEtfbNGMjfgrs Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIcBAEBAgAGBQJckIjHAAoJEORje4g2clin+iIQAI6aublc3HGEI5E/b4t52jAG pQTUj1oD9JEMzwc3LxmjuVVF3Lmmj9iRbY7Svq7Q9eMVIe3L8z5Wo2AMcgwN1jJL IX3Ap9IPwnV35qj9jeFGfb/EyiuEvu4HbeBLQL+DsyYGhJzl1WOgAF0Qr6GLpfma 95f4+ySbbPRU/cH8vu13asGGPqJvkqKYiSyTAzxUlZTivl1Xjoe3zC+Cwh3aFxr/ UahAJN1qZX/7IBJ8qSq9D5iHoJt+ODwmdEQm2HYppeUC+nFuWOmXh/UylDw9JPDh 5ZLh4aZxqViggE0jRQY/LzhBGLgb4v+8/A1B4Mmtv6NbE7nKnWvsQpd7exvA+a84 PPrvLP7PY7oWdEiN6hl2SRHjN/Jx5FniD6zJcLmxumk7vEHlut6sodFGCsxohExZ E/HbIXLLIfoUuW/RBUEDHmDI9KLMM+a1tZ/tTWbr+5jAe+9poIhLZ/iXZj02CUNE ZS0nsfkebg7hj7fGICnYD4TaAWvvyIDfhtarJ3zP0xYTNK93S+KEpUBCuqAD9C58 hFpUX2swbdzAfNmfraXm2uQo8kQQ5l65vjKZZkiFftJGBl8C4vNgh5kWOQg3pgAU GqNrDVHaTJ/xY2s3g7iM+oOZ3RPPTVEkBvr5Ibhkabrdl9FGL+THiKQ+JN/AYmc5 nhzqw5UciZW82vo7fja1 =nczu -----END PGP SIGNATURE----- --FoLtEtfbNGMjfgrs--