lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20220401083637.2407766-1-lv.ruyi@zte.com.cn>
Date:   Fri,  1 Apr 2022 08:36:37 +0000
From:   cgel.zte@...il.com
To:     philipp.reisner@...bit.com
Cc:     lars.ellenberg@...bit.com, christoph.boehmwalder@...bit.com,
        axboe@...nel.dk, drbd-dev@...ts.linbit.com,
        linux-block@...r.kernel.org, linux-kernel@...r.kernel.org,
        Lv Ruyi <lv.ruyi@....com.cn>, Zeal Robot <zealci@....com.cn>
Subject: [PATCH] block: fix potential dereference null pointer

From: Lv Ruyi <lv.ruyi@....com.cn>

rcu_dereference may return NULL, so check the returned pointer.

Reported-by: Zeal Robot <zealci@....com.cn>
Signed-off-by: Lv Ruyi <lv.ruyi@....com.cn>
---
 drivers/block/drbd/drbd_req.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/drivers/block/drbd/drbd_req.c b/drivers/block/drbd/drbd_req.c
index e1e58e91ee58..8ab6da155e2f 100644
--- a/drivers/block/drbd/drbd_req.c
+++ b/drivers/block/drbd/drbd_req.c
@@ -577,6 +577,10 @@ int __req_mod(struct drbd_request *req, enum drbd_req_event what,
 		D_ASSERT(device, !(req->rq_state & RQ_NET_MASK));
 		rcu_read_lock();
 		nc = rcu_dereference(connection->net_conf);
+		if (!nc) {
+			rcu_read_unlock();
+			break;
+		}
 		p = nc->wire_protocol;
 		rcu_read_unlock();
 		req->rq_state |=
@@ -690,6 +694,10 @@ int __req_mod(struct drbd_request *req, enum drbd_req_event what,
 		/* close the epoch, in case it outgrew the limit */
 		rcu_read_lock();
 		nc = rcu_dereference(connection->net_conf);
+		if (!nc) {
+			rcu_read_unlock();
+			break;
+		}
 		p = nc->max_epoch_size;
 		rcu_read_unlock();
 		if (connection->current_tle_writes >= p)
-- 
2.25.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ