mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-09-16 07:35:14 +00:00
scsi: qla2xxx: Fix possible fcport null-pointer dereferences
[ Upstream commit e82f04ec6b
]
In qla2x00_alloc_fcport(), fcport is assigned to NULL in the error
handling code on line 4880:
fcport = NULL;
Then fcport is used on lines 4883-4886:
INIT_WORK(&fcport->del_work, qla24xx_delete_sess_fn);
INIT_WORK(&fcport->reg_work, qla_register_fcport_fn);
INIT_LIST_HEAD(&fcport->gnl_entry);
INIT_LIST_HEAD(&fcport->list);
Thus, possible null-pointer dereferences may occur.
To fix these bugs, qla2x00_alloc_fcport() directly returns NULL
in the error handling code.
These bugs are found by a static analysis tool STCheck written by us.
Signed-off-by: Jia-Ju Bai <baijiaju1990@gmail.com>
Acked-by: Himanshu Madhani <hmadhani@marvell.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
This commit is contained in:
parent
3435e025ed
commit
02d4fe0193
1 changed files with 1 additions and 1 deletions
|
@ -4732,7 +4732,7 @@ qla2x00_alloc_fcport(scsi_qla_host_t *vha, gfp_t flags)
|
|||
ql_log(ql_log_warn, vha, 0xd049,
|
||||
"Failed to allocate ct_sns request.\n");
|
||||
kfree(fcport);
|
||||
fcport = NULL;
|
||||
return NULL;
|
||||
}
|
||||
INIT_WORK(&fcport->del_work, qla24xx_delete_sess_fn);
|
||||
INIT_LIST_HEAD(&fcport->gnl_entry);
|
||||
|
|
Loading…
Reference in a new issue