diff mbox series

scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup

Message ID 20231011130350.819571-1-haowenchao2@huawei.com (mailing list archive)
State Accepted
Headers show
Series scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup | expand

Commit Message

Wenchao Hao Oct. 11, 2023, 1:03 p.m. UTC 
fc_lport_ptp_setup() did not check the return value of fc_rport_create()
which is possible to return NULL which would cause a NULL pointer
dereference. Address this issue by checking return value of
fc_rport_create() and log error message on fc_rport_create() failed.

Signed-off-by: Wenchao Hao <haowenchao2@huawei.com>
---
 drivers/scsi/libfc/fc_lport.c | 6 ++++++
 1 file changed, 6 insertions(+)

Comments

Simon Horman Oct. 13, 2023, 3:41 p.m. UTC | #1 
On Wed, Oct 11, 2023 at 09:03:50PM +0800, Wenchao Hao wrote:
> fc_lport_ptp_setup() did not check the return value of fc_rport_create()
> which is possible to return NULL which would cause a NULL pointer
> dereference. Address this issue by checking return value of
> fc_rport_create() and log error message on fc_rport_create() failed.
> 
> Signed-off-by: Wenchao Hao <haowenchao2@huawei.com>

Thanks,

I verified that fc_lport_ptp_setup can return NULL (if kzalloc fails).

Reviewed-by: Simon Horman <horms@kernel.org>
Martin K. Petersen Oct. 13, 2023, 6:06 p.m. UTC | #2 
Wenchao,

> fc_lport_ptp_setup() did not check the return value of
> fc_rport_create() which is possible to return NULL which would cause a
> NULL pointer dereference. Address this issue by checking return value
> of fc_rport_create() and log error message on fc_rport_create()
> failed.

Applied to 6.7/scsi-staging, thanks!
Martin K. Petersen Oct. 17, 2023, 1:11 a.m. UTC | #3 
On Wed, 11 Oct 2023 21:03:50 +0800, Wenchao Hao wrote:

> fc_lport_ptp_setup() did not check the return value of fc_rport_create()
> which is possible to return NULL which would cause a NULL pointer
> dereference. Address this issue by checking return value of
> fc_rport_create() and log error message on fc_rport_create() failed.
> 
> 

Applied to 6.7/scsi-queue, thanks!

[1/1] scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup
      https://git.kernel.org/mkp/scsi/c/4df105f0ce9f
diff mbox series

Patch

diff --git a/drivers/scsi/libfc/fc_lport.c b/drivers/scsi/libfc/fc_lport.c
index 9c02c9523c4d..904d66160785 100644
--- a/drivers/scsi/libfc/fc_lport.c
+++ b/drivers/scsi/libfc/fc_lport.c
@@ -241,6 +241,12 @@  static void fc_lport_ptp_setup(struct fc_lport *lport,
 	}
 	mutex_lock(&lport->disc.disc_mutex);
 	lport->ptp_rdata = fc_rport_create(lport, remote_fid);
+	if (!lport->ptp_rdata) {
+		printk(KERN_WARNING "libfc: Failed to setup lport 0x%x\n",
+			lport->port_id);
+		mutex_unlock(&lport->disc.disc_mutex);
+		return;
+	}
 	kref_get(&lport->ptp_rdata->kref);
 	lport->ptp_rdata->ids.port_name = remote_wwpn;
 	lport->ptp_rdata->ids.node_name = remote_wwnn;