| Message ID | 1565695660-13459-1-git-send-email-zhengbin13@huawei.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | [v2] paride/pcd: need to set queue to NULL before put_disk | expand |
ping On 2019/8/13 19:27, zhengbin wrote: > In pcd_init_units, if blk_mq_init_sq_queue fails, need to set queue to > NULL before put_disk, otherwise null-ptr-deref Read will occur. > > put_disk > kobject_put > disk_release > blk_put_queue(disk->queue) > > Fixes: f0d176255401 ("paride/pcd: Fix potential NULL pointer dereference and mem leak") > Reported-by: Hulk Robot <hulkci@huawei.com> > Signed-off-by: zhengbin <zhengbin13@huawei.com> > --- > drivers/block/paride/pcd.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/block/paride/pcd.c b/drivers/block/paride/pcd.c > index 001dbdc..bfca80d 100644 > --- a/drivers/block/paride/pcd.c > +++ b/drivers/block/paride/pcd.c > @@ -314,8 +314,8 @@ static void pcd_init_units(void) > disk->queue = blk_mq_init_sq_queue(&cd->tag_set, &pcd_mq_ops, > 1, BLK_MQ_F_SHOULD_MERGE); > if (IS_ERR(disk->queue)) { > - put_disk(disk); > disk->queue = NULL; > + put_disk(disk); > continue; > } > > -- > 2.7.4 > > > . >
On 8/13/19 5:27 AM, zhengbin wrote: > In pcd_init_units, if blk_mq_init_sq_queue fails, need to set queue to > NULL before put_disk, otherwise null-ptr-deref Read will occur. > > put_disk > kobject_put > disk_release > blk_put_queue(disk->queue) Applied, thanks.
diff --git a/drivers/block/paride/pcd.c b/drivers/block/paride/pcd.c index 001dbdc..bfca80d 100644 --- a/drivers/block/paride/pcd.c +++ b/drivers/block/paride/pcd.c @@ -314,8 +314,8 @@ static void pcd_init_units(void) disk->queue = blk_mq_init_sq_queue(&cd->tag_set, &pcd_mq_ops, 1, BLK_MQ_F_SHOULD_MERGE); if (IS_ERR(disk->queue)) { - put_disk(disk); disk->queue = NULL; + put_disk(disk); continue; }
In pcd_init_units, if blk_mq_init_sq_queue fails, need to set queue to NULL before put_disk, otherwise null-ptr-deref Read will occur. put_disk kobject_put disk_release blk_put_queue(disk->queue) Fixes: f0d176255401 ("paride/pcd: Fix potential NULL pointer dereference and mem leak") Reported-by: Hulk Robot <hulkci@huawei.com> Signed-off-by: zhengbin <zhengbin13@huawei.com> --- drivers/block/paride/pcd.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- 2.7.4