[PATCH] scsi: qla2xxx: avoid crash in qlt_handle_abts_completion() if mcmd == NULL

From: Thomas Abraham
Date: Mon Nov 04 2019 - 13:18:26 EST

Next message: Florian Fainelli: "[PATCH 0/2] Couple of reset-brcmstb fixes"
Previous message: Mathieu Poirier: "[PATCH 05/14] coresight: etm4x: Fix input validation for sysfs."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

qlt_ctio_to_cmd() will return a NULL mcmd if h == QLA_TGT_SKIP_HANDLE. If
the error subcodes don't match the exact codes checked a crash will occur
when calling free_mcmd on the null mcmd

Signed-off-by: Thomas Abraham <tabraham@xxxxxxxx>
---
drivers/scsi/qla2xxx/qla_target.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/drivers/scsi/qla2xxx/qla_target.c b/drivers/scsi/qla2xxx/qla_target.c
index a06e56224a55..611ab224662f 100644
--- a/drivers/scsi/qla2xxx/qla_target.c
+++ b/drivers/scsi/qla2xxx/qla_target.c
@@ -5732,7 +5732,8 @@ static void qlt_handle_abts_completion(struct scsi_qla_host *vha,
vha->vp_idx, entry->compl_status,
entry->error_subcode1,
entry->error_subcode2);
- ha->tgt.tgt_ops->free_mcmd(mcmd);
+ if (mcmd)
+ ha->tgt.tgt_ops->free_mcmd(mcmd);
}
} else if (mcmd) {
ha->tgt.tgt_ops->free_mcmd(mcmd);
--
2.16.4

Next message: Florian Fainelli: "[PATCH 0/2] Couple of reset-brcmstb fixes"
Previous message: Mathieu Poirier: "[PATCH 05/14] coresight: etm4x: Fix input validation for sysfs."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]