| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 20 Nov 2019 17:08:53 +0000
From: Lee Duncan <LDuncan@...e.com>
To: Tom Abraham <TAbraham@...e.com>,
Himanshu Madhani <hmadhani@...vell.com>
CC: "jejb@...ux.ibm.com" <jejb@...ux.ibm.com>,
"martin.petersen@...cle.com" <martin.petersen@...cle.com>,
"linux-scsi@...r.kernel.org" <linux-scsi@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
Hannes Reinecke <hare@...e.com>
Subject: Re: [PATCH] scsi: qla2xxx: avoid crash in
qlt_handle_abts_completion() if mcmd == NULL
On 11/4/19 10:18 AM, Thomas Abraham wrote:
> qlt_ctio_to_cmd() will return a NULL mcmd if h == QLA_TGT_SKIP_HANDLE. If
> the error subcodes don't match the exact codes checked a crash will occur
> when calling free_mcmd on the null mcmd
>
> Signed-off-by: Thomas Abraham <tabraham@...e.com>
> ---
> drivers/scsi/qla2xxx/qla_target.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/scsi/qla2xxx/qla_target.c b/drivers/scsi/qla2xxx/qla_target.c
> index a06e56224a55..611ab224662f 100644
> --- a/drivers/scsi/qla2xxx/qla_target.c
> +++ b/drivers/scsi/qla2xxx/qla_target.c
> @@ -5732,7 +5732,8 @@ static void qlt_handle_abts_completion(struct scsi_qla_host *vha,
> vha->vp_idx, entry->compl_status,
> entry->error_subcode1,
> entry->error_subcode2);
> - ha->tgt.tgt_ops->free_mcmd(mcmd);
> + if (mcmd)
> + ha->tgt.tgt_ops->free_mcmd(mcmd);
> }
> } else if (mcmd) {
> ha->tgt.tgt_ops->free_mcmd(mcmd);
>
Reviewed-by: Lee Duncan <lduncan@...e.com>
Powered by blists - more mailing lists