| Message ID | 20200118042056.32232-1-bvanassche@acm.org (mailing list archive) |
|---|---|
| State | Mainlined |
| Commit | 17c5f65db629a3bd95ac8eb960940b6fbb39a310 |
| Headers | show |
| Series | qla2xxx: Fix a NULL pointer dereference in an error path | expand |
On Fri, Jan 17, 2020 at 08:20:56PM -0800, Bart Van Assche wrote: > This patch fixes the following Coverity complaint: > > FORWARD_NULL > > qla_init.c: 5275 in qla2x00_configure_local_loop() > 5269 > 5270 if (fcport->scan_state == QLA_FCPORT_FOUND) > 5271 qla24xx_fcport_handle_login(vha, fcport); > 5272 } > 5273 > 5274 cleanup_allocation: > >>> CID 353340: (FORWARD_NULL) > >>> Passing null pointer "new_fcport" to "qla2x00_free_fcport", which dereferences it. > 5275 qla2x00_free_fcport(new_fcport); > 5276 > 5277 if (rval != QLA_SUCCESS) { > 5278 ql_dbg(ql_dbg_disc, vha, 0x2098, > 5279 "Configure local loop error exit: rval=%x.\n", rval); > 5280 } > qla_init.c: 5275 in qla2x00_configure_local_loop() > 5269 > 5270 if (fcport->scan_state == QLA_FCPORT_FOUND) > 5271 qla24xx_fcport_handle_login(vha, fcport); > 5272 } > 5273 > 5274 cleanup_allocation: > >>> CID 353340: (FORWARD_NULL) > >>> Passing null pointer "new_fcport" to "qla2x00_free_fcport", which dereferences it. > 5275 qla2x00_free_fcport(new_fcport); > 5276 > 5277 if (rval != QLA_SUCCESS) { > 5278 ql_dbg(ql_dbg_disc, vha, 0x2098, > 5279 "Configure local loop error exit: rval=%x.\n", rval); > 5280 } > > Cc: Himanshu Madhani <hmadhani@marvell.com> > Cc: Quinn Tran <qutran@marvell.com> > Cc: Martin Wilck <mwilck@suse.com> > Cc: Daniel Wagner <dwagner@suse.de> > Cc: Roman Bolshakov <r.bolshakov@yadro.com> > Reviewed-by: Ewan D. Milne <emilne@redhat.com> > Fixes: 3dae220595ba ("scsi: qla2xxx: Use common routine to free fcport struct") > Signed-off-by: Bart Van Assche <bvanassche@acm.org> Reviewed-by: Daniel Wagner <dwagner@suse.de>
Bart,
> This patch fixes the following Coverity complaint:
Applied to 5.6/scsi-queue, thanks!
diff --git a/drivers/scsi/qla2xxx/qla_init.c b/drivers/scsi/qla2xxx/qla_init.c index c4e087217484..62df78258269 100644 --- a/drivers/scsi/qla2xxx/qla_init.c +++ b/drivers/scsi/qla2xxx/qla_init.c @@ -5109,7 +5109,7 @@ qla2x00_configure_local_loop(scsi_qla_host_t *vha) rval = qla2x00_get_id_list(vha, ha->gid_list, ha->gid_list_dma, &entries); if (rval != QLA_SUCCESS) - goto cleanup_allocation; + goto err; ql_dbg(ql_dbg_disc, vha, 0x2011, "Entries in ID list (%d).\n", entries); @@ -5139,7 +5139,7 @@ qla2x00_configure_local_loop(scsi_qla_host_t *vha) ql_log(ql_log_warn, vha, 0x2012, "Memory allocation failed for fcport.\n"); rval = QLA_MEMORY_ALLOC_FAILED; - goto cleanup_allocation; + goto err; } new_fcport->flags &= ~FCF_FABRIC_DEVICE; @@ -5229,7 +5229,7 @@ qla2x00_configure_local_loop(scsi_qla_host_t *vha) ql_log(ql_log_warn, vha, 0xd031, "Failed to allocate memory for fcport.\n"); rval = QLA_MEMORY_ALLOC_FAILED; - goto cleanup_allocation; + goto err; } spin_lock_irqsave(&vha->hw->tgt.sess_lock, flags); new_fcport->flags &= ~FCF_FABRIC_DEVICE; @@ -5272,15 +5272,14 @@ qla2x00_configure_local_loop(scsi_qla_host_t *vha) qla24xx_fcport_handle_login(vha, fcport); } -cleanup_allocation: qla2x00_free_fcport(new_fcport); - if (rval != QLA_SUCCESS) { - ql_dbg(ql_dbg_disc, vha, 0x2098, - "Configure local loop error exit: rval=%x.\n", rval); - } + return rval; - return (rval); +err: + ql_dbg(ql_dbg_disc, vha, 0x2098, + "Configure local loop error exit: rval=%x.\n", rval); + return rval; } static void