Received: by 2002:a25:e7d8:0:0:0:0:0 with SMTP id e207csp2766616ybh;
        Mon, 16 Mar 2020 09:18:15 -0700 (PDT)
X-Google-Smtp-Source: ADFU+vsy6nIz+WS77nohnRyFEPIbTWoS5EwAuGfzVOpXviQxBXdKbikTiHpCX9lPzM31wwUTzbRz
X-Received: by 2002:a9d:63d2:: with SMTP id e18mr27623otl.277.1584375495645;
        Mon, 16 Mar 2020 09:18:15 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1584375495; cv=none;
        d=google.com; s=arc-20160816;
        b=jC3QjbRmP3J1IlrqeJ/mjgFkVbkUb455HdYnC8bVsyxk8WKvs6rJNwrDslspGJB2E+
         AZ7n5dvo9c6/YgTDUcit/+v3FbTVrMKQXJSr/ypoozTVhySp+moRzzaqidfgw3V9NKMk
         jAJGdiGxta7qb7LQdV0Q0OV/qxMqqMasSjZGMu85uD9pOB3n606+0YyV30e9MdYhKNPF
         CL869KgmzzJ1/CKKjDYkp4TeEKbP8z/jBJldwyVCRc2TYWH0icrFKMEXC/JOn7xRD4ot
         q3jMiv8DtB+30xlaSWFlyjH0uQDKfZJmKNT/RrEjVp66iVCU7plP8UYezSDCOqeAeDUK
         4TLA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:message-id:date:subject:cc:to:from;
        bh=D89IdctqInTwIkV/7Ay9DlKuFYmh+R2UVQUo4JW8lnI=;
        b=pkC8hKf4am9LRPe5SifAAfxoaQ4q9putNhzxDBByOMf1nL2e46hIeWgOiCP+wOxe3A
         3AEwJJ7f9c5HtHZYzRU/JCWZ2Cj5h7r3fWORrZXW+f7q+OdQoa6zABZbjV3+gqmOHv77
         zo5cdFpL0SD1BGlQSKiO/6C1+2qjyQh5jP4HFmXEElg8dEBPsrfng7ug6RgxU+2ioAv3
         v4vtXQPoK4jWJfd204VzF2bXDLe0i1QbP5wh54bpPEWoz6BWZrt+bfwtwnRrOVWoPIiW
         ERjRVgX2HfDkktqi1EHN0AklSqMmu9f+MkT9GHLKYEk9BwfOBiKKwlp0UyQyDsd1v24D
         IjGA==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id r17si178623ota.160.2020.03.16.09.18.02;
        Mon, 16 Mar 2020 09:18:15 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1732098AbgCPQQm (ORCPT <rfc822;utfcpqpk@gmail.com> + 99 others);
        Mon, 16 Mar 2020 12:16:42 -0400
Received: from mail.fudan.edu.cn ([202.120.224.73]:55131 "EHLO fudan.edu.cn"
        rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP
        id S1732009AbgCPQQm (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 16 Mar 2020 12:16:42 -0400
X-Greylist: delayed 409 seconds by postgrey-1.27 at vger.kernel.org; Mon, 16 Mar 2020 12:16:40 EDT
Received: from localhost.localdomain (unknown [61.129.42.58])
        by app2 (Coremail) with SMTP id XQUFCgAnLTmzpG9egfZIBQ--.6846S3;
        Tue, 17 Mar 2020 00:09:24 +0800 (CST)
From:   Xiyu Yang <xiyuyang19@fudan.edu.cn>
To:     Arnd Bergmann <arnd@arndb.de>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        Ira Weiny <ira.weiny@intel.com>,
        Andrew Morton <akpm@linux-foundation.org>,
        Alexios Zavras <alexios.zavras@intel.com>,
        Mike Marshall <hubcap@omnibond.com>,
        Xiyu Yang <xiyuyang19@fudan.edu.cn>,
        Thomas Gleixner <tglx@linutronix.de>,
        linux-kernel@vger.kernel.org
Cc:     yuanxzhang@fudan.edu.cn, kjlu@umn.edu,
        Xin Tan <tanxin.ctf@gmail.com>
Subject: [PATCH] VMCI: Fix dereference before NULL-check of context ptr
Date:   Tue, 17 Mar 2020 00:05:51 +0800
Message-Id: <1584374754-9515-1-git-send-email-xiyuyang19@fudan.edu.cn>
X-Mailer: git-send-email 2.7.4
X-CM-TRANSID: XQUFCgAnLTmzpG9egfZIBQ--.6846S3
X-Coremail-Antispam: 1UD129KBjvdXoWruFy3Gry8Wr13KF4UZw17GFg_yoWfGFc_Wa
        45WFsrJr4FkFnI9wnrArnxZryrtFZ3Zr1xG3Wq9343JFW29w13JF1qvr9xJr43urZrtFnr
        Jr4qka4Sy3y2kjkaLaAFLSUrUUUUUb8apTn2vfkv8UJUUUU8Yxn0WfASr-VFAUDa7-sFnT
        9fnUUIcSsGvfJTRUUUbTkFF20E14v26r4j6ryUM7CY07I20VC2zVCF04k26cxKx2IYs7xG
        6rWj6s0DM7CIcVAFz4kK6r1j6r18M28lY4IEw2IIxxk0rwA2F7IY1VAKz4vEj48ve4kI8w
        A2z4x0Y4vE2Ix0cI8IcVAFwI0_tr0E3s1l84ACjcxK6xIIjxv20xvEc7CjxVAFwI0_GcCE
        3s1l84ACjcxK6I8E87Iv67AKxVW0oVCq3wA2z4x0Y4vEx4A2jsIEc7CjxVAFwI0_GcCE3s
        1lnxkEFVAIw20F6cxK64vIFxWle2I262IYc4CY6c8Ij28IcVAaY2xG8wAqx4xG64xvF2IE
        w4CE5I8CrVC2j2WlYx0E2Ix0cI8IcVAFwI0_Jr0_Jr4lYx0Ex4A2jsIE14v26r1j6r4UMc
        vjeVCFs4IE7xkEbVWUJVW8JwACjcxG0xvY0x0EwIxGrwACjI8F5VA0II8E6IAqYI8I648v
        4I1lFIxGxcIEc7CjxVA2Y2ka0xkIwI1lc2xSY4AK67AK6r1l42xK82IYc2Ij64vIr41l4I
        8I3I0E4IkC6x0Yz7v_Jr0_Gr1lx2IqxVAqx4xG67AKxVWUJVWUGwC20s026x8GjcxK67AK
        xVWUGVWUWwC2zVAF1VAY17CE14v26r1q6r43MIIYrxkI7VAKI48JMIIF0xvE2Ix0cI8IcV
        AFwI0_Jr0_JF4lIxAIcVC0I7IYx2IY6xkF7I0E14v26r4j6F4UMIIF0xvE42xK8VAvwI8I
        cIk0rVWrZr1j6s0DMIIF0xvEx4A2jsIE14v26r1j6r4UMIIF0xvEx4A2jsIEc7CjxVAFwI
        0_Gr0_Gr1UYxBIdaVFxhVjvjDU0xZFpf9x0JU0_M3UUUUU=
X-CM-SenderInfo: irzsiiysuqikmy6i3vldqovvfxof0/
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

A NULL pointer can be returned by vmci_ctx_get(). Thus add a
corresponding check so that a NULL pointer dereference will
be avoided in vmci_ctx_put().

Signed-off-by: Xiyu Yang <xiyuyang19@fudan.edu.cn>
Signed-off-by: Xin Tan <tanxin.ctf@gmail.com>
---
 drivers/misc/vmw_vmci/vmci_queue_pair.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/drivers/misc/vmw_vmci/vmci_queue_pair.c b/drivers/misc/vmw_vmci/vmci_queue_pair.c
index 8531ae781195..032617101ebc 100644
--- a/drivers/misc/vmw_vmci/vmci_queue_pair.c
+++ b/drivers/misc/vmw_vmci/vmci_queue_pair.c
@@ -1859,7 +1859,8 @@ static int qp_detatch_host_work(struct vmci_handle handle)
 
 	result = vmci_qp_broker_detach(handle, context);
 
-	vmci_ctx_put(context);
+	if (context)
+		vmci_ctx_put(context);
 	return result;
 }
 
-- 
2.7.4