| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20191007202249.29830-1-yzhai003@ucr.edu>
Date: Mon, 7 Oct 2019 13:22:48 -0700
From: Yizhuo <yzhai003@....edu>
To: unlisted-recipients:; (no To-header on input)
Cc: Yizhuo <yzhai003@....edu>,
"James E.J. Bottomley" <jejb@...ux.ibm.com>,
"Martin K. Petersen" <martin.petersen@...cle.com>,
linux-scsi@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [PATCH] scsi_transport_sas: Potential NULL pointer deference in sas_rphy_match()
Inside function sas_rphy_match(), dev_to_shost() could return NULL,
however, the return value of dev_to_shost() is not checked and
get used. This could potentially be unsafe.
Signed-off-by: Yizhuo <yzhai003@....edu>
---
drivers/scsi/scsi_transport_sas.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/drivers/scsi/scsi_transport_sas.c b/drivers/scsi/scsi_transport_sas.c
index ef138c57e2a6..04d83cbc35f2 100644
--- a/drivers/scsi/scsi_transport_sas.c
+++ b/drivers/scsi/scsi_transport_sas.c
@@ -1328,6 +1328,8 @@ static int sas_rphy_match(struct attribute_container *cont, struct device *dev)
if (!scsi_is_sas_rphy(dev))
return 0;
shost = dev_to_shost(dev->parent->parent);
+ if (!shost)
+ return 0;
if (!shost->transportt)
return 0;
--
2.17.1
Powered by blists - more mailing lists