Searched hist:"0 f99792c" (Results 1 – 1 of 1) sorted by relevance
| /openbmc/linux/drivers/target/ |
| H A D | target_core_pscsi.c | 0f99792c Mon Aug 09 23:04:13 CDT 2021 Tuo Li <islituo@gmail.com> scsi: target: pscsi: Fix possible null-pointer dereference in pscsi_complete_cmd()
The return value of transport_kmap_data_sg() is assigned to the variable
buf:
buf = transport_kmap_data_sg(cmd);
And then it is checked:
if (!buf) {
This indicates that buf can be NULL. However, it is dereferenced in the
following statements:
if (!(buf[3] & 0x80))
buf[3] |= 0x80;
if (!(buf[2] & 0x80))
buf[2] |= 0x80;
To fix these possible null-pointer dereferences, dereference buf and call
transport_kunmap_data_sg() only when buf is not NULL.
Link: https://lore.kernel.org/r/20210810040414.248167-1-islituo@gmail.com
Reported-by: TOTE Robot <oslab@tsinghua.edu.cn>
Reviewed-by: Bodo Stroesser <bostroesser@gmail.com>
Signed-off-by: Tuo Li <islituo@gmail.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
|