Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp3069242pxj; Mon, 17 May 2021 17:00:05 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxYGjH84vr/t++7N9TkRSzYtjg1Xl2CLPChgCtMGpaaRkmMx7OspWoDPTr1AKIKoe/Nyblk X-Received: by 2002:a17:907:248a:: with SMTP id zg10mr2667388ejb.259.1621296005190; Mon, 17 May 2021 17:00:05 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1621296005; cv=none; d=google.com; s=arc-20160816; b=Unvd5PTZmq2p+FxtA2g+cOEW1Ab9rQC/uYxNsplb1J2JSNW2CHqlcfbdvPRlO+BEO/ HwS5SA+DUKn0cvt2GpYfiddlZsiXzq5onR5coEhZpOvHv+DkeIwXHcjHhjF4w6BGFDje r27fKpctSyD+HnvVonACWvhadgCHzQYuwaI1luxPB/CN7Q7eytzDlm2TXKXDSqXNMuoy CRuLrWPixCYtNuGlesYwhXJ+YuSnBEexsy5PHLNSAAsqs9s68szgbbFQc9mtv01jq8Ch FMYHxAJnyXJW8N9EptbC+zcu9Ruh4e34YI2cgLRXplyysfAQ9geE7Nndwj9/oZKL7nno DAVg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=FrN06JazRRu4YEj272qKCWFa1BxsUviP5nuN8FbD228=; b=M2x6LL/3tFO1lkSW5pxiqd7VZvZXCi+lMi4NjHj3Opvq5k0jMal4eMGhj6J610c/kK dP2XvjkunEL1IW/Jwhgk5LBWR2mf0mGn3619rCuM1CJ3AtJVooRCHv45fFzDS46lDwGQ a3sMeh02XNzO08FGrD7WFljEg4KYl4Hlh/em9Cn/v+yUM8sHkcJgWDfluKRAd6cSS5kl l62TagWybvKwPTBSJWk4lYjdPVS7ut9fTrIpsgq4RXdSD9J5TrKl24rfQ5ahSRyADcwZ ca9t3oL8y3yacZpbEct2yCe5rrChDPCt0a4LY5VhWd4sTshCEbJ/IESpFix60nELapn2 F5Zg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=uORK4+7X; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id j22si15998538eds.591.2021.05.17.16.59.42; Mon, 17 May 2021 17:00:05 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=uORK4+7X; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237198AbhEQOZy (ORCPT + 99 others); Mon, 17 May 2021 10:25:54 -0400 Received: from mail.kernel.org ([198.145.29.99]:35736 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S239209AbhEQOWX (ORCPT ); Mon, 17 May 2021 10:22:23 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id 463DC6121F; Mon, 17 May 2021 14:11:52 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1621260712; bh=jFzD2qZBnthmwmjIMWDIIxaIhaNQ2Oe63HYBXaa7DdQ=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=uORK4+7XJxynsYKZps5uekwTOIHXbTGYoF3NeuR9A4UWJeT36XAcpWI20gUNmsg7P S5dCIoJIEL+3rkyJhyHUQlS6aBSdvi6umHX5TcKGt1Df88UtZlWRJHzJ2y5+syc7bL ax6oq3aZoWi79k0gICwP0TfK7AyH9JForBG//LMI= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Yunjian Wang , Chuck Lever , Sasha Levin Subject: [PATCH 5.12 179/363] SUNRPC: Fix null pointer dereference in svc_rqst_free() Date: Mon, 17 May 2021 16:00:45 +0200 Message-Id: <20210517140308.651430582@linuxfoundation.org> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210517140302.508966430@linuxfoundation.org> References: <20210517140302.508966430@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Yunjian Wang [ Upstream commit b9f83ffaa0c096b4c832a43964fe6bff3acffe10 ] When alloc_pages_node() returns null in svc_rqst_alloc(), the null rq_scratch_page pointer will be dereferenced when calling put_page() in svc_rqst_free(). Fix it by adding a null check. Addresses-Coverity: ("Dereference after null check") Fixes: 5191955d6fc6 ("SUNRPC: Prepare for xdr_stream-style decoding on the server-side") Signed-off-by: Yunjian Wang Signed-off-by: Chuck Lever Signed-off-by: Sasha Levin --- net/sunrpc/svc.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/net/sunrpc/svc.c b/net/sunrpc/svc.c index d76dc9d95d16..0de918cb3d90 100644 --- a/net/sunrpc/svc.c +++ b/net/sunrpc/svc.c @@ -846,7 +846,8 @@ void svc_rqst_free(struct svc_rqst *rqstp) { svc_release_buffer(rqstp); - put_page(rqstp->rq_scratch_page); + if (rqstp->rq_scratch_page) + put_page(rqstp->rq_scratch_page); kfree(rqstp->rq_resp); kfree(rqstp->rq_argp); kfree(rqstp->rq_auth_data); -- 2.30.2