| Message ID | 20230421062110.368253-1-d-tatianin@yandex-team.ru (mailing list archive) |
|---|---|
| State | New, archived |
| Delegated to: | Song Liu |
| Headers | show |
| Series | [v2] md/md-multipath: guard against a possible NULL dereference | expand |
Hi, 在 2023/04/21 14:21, Daniil Tatianin 写道: > mempool_alloc might fail to allocate a slot, in which case we will end > up dereferencing a NULL mp_bh pointer. > > Found by Linux Verification Center (linuxtesting.org) with the SVACE > static analysis tool. > > Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") > Signed-off-by: Daniil Tatianin <d-tatianin@yandex-team.ru> > --- > Changes since v1: fixed a typo > --- > drivers/md/md-multipath.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/drivers/md/md-multipath.c b/drivers/md/md-multipath.c > index 66edf5e72bd6..8dfa353440e5 100644 > --- a/drivers/md/md-multipath.c > +++ b/drivers/md/md-multipath.c > @@ -108,6 +108,8 @@ static bool multipath_make_request(struct mddev *mddev, struct bio * bio) > return true; > > mp_bh = mempool_alloc(&conf->pool, GFP_NOIO); The comment in mempool_alloc says: Note that due to preallocation, this function *never* fails when called from process contexts. And there are many places to use this way, so I think this patch is not needed. Thanks, Kuai > + if (!mp_bh) > + return false; > > mp_bh->master_bio = bio; > mp_bh->mddev = mddev; >
diff --git a/drivers/md/md-multipath.c b/drivers/md/md-multipath.c index 66edf5e72bd6..8dfa353440e5 100644 --- a/drivers/md/md-multipath.c +++ b/drivers/md/md-multipath.c @@ -108,6 +108,8 @@ static bool multipath_make_request(struct mddev *mddev, struct bio * bio) return true; mp_bh = mempool_alloc(&conf->pool, GFP_NOIO); + if (!mp_bh) + return false; mp_bh->master_bio = bio; mp_bh->mddev = mddev;
mempool_alloc might fail to allocate a slot, in which case we will end up dereferencing a NULL mp_bh pointer. Found by Linux Verification Center (linuxtesting.org) with the SVACE static analysis tool. Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Daniil Tatianin <d-tatianin@yandex-team.ru> --- Changes since v1: fixed a typo --- drivers/md/md-multipath.c | 2 ++ 1 file changed, 2 insertions(+)