| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 9 Sep 2021 23:47:28 +0800
From: Ding Hui <dinghui@...gfor.com.cn>
To: lduncan@...e.com, cleech@...hat.com, jejb@...ux.ibm.com,
michael.christie@...cle.co, open-iscsi@...glegroups.com,
linux-kernel@...r.kernel.org
Cc: Ding Hui <dinghui@...gfor.com.cn>
Subject: [PATCH 2/3] scsi: libiscsi: fix invalid pointer dereference in iscsi_eh_session_reset
like commit 5db6dd14b313 ("scsi: libiscsi: Fix NULL pointer dereference in
iscsi_eh_session_reset"), access conn->persistent_address here is not safe
too.
The persistent_address is independent of conn refcount, so maybe
already freed by iscsi_conn_teardown(), also we put the refcount of conn
above, the conn pointer may be invalid.
Signed-off-by: Ding Hui <dinghui@...gfor.com.cn>
---
drivers/scsi/libiscsi.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/scsi/libiscsi.c b/drivers/scsi/libiscsi.c
index 712a45368385..69b3b2148328 100644
--- a/drivers/scsi/libiscsi.c
+++ b/drivers/scsi/libiscsi.c
@@ -2531,8 +2531,8 @@ int iscsi_eh_session_reset(struct scsi_cmnd *sc)
spin_lock_bh(&session->frwd_lock);
if (session->state == ISCSI_STATE_LOGGED_IN) {
ISCSI_DBG_EH(session,
- "session reset succeeded for %s,%s\n",
- session->targetname, conn->persistent_address);
+ "session reset succeeded for %s\n",
+ session->targetname);
} else
goto failed;
spin_unlock_bh(&session->frwd_lock);
--
2.17.1
Powered by blists - more mailing lists