[PATCH] net: 9p: Fix a possible null-pointer dereference in p9_cm_event_handler()

From: Tuo Li
Date: Thu Dec 18 2025 - 02:10:34 EST

Next message: Manivannan Sadhasivam: "Re: [PATCH] PCI: endpoint: epf-mhi: add WQ_PERCPU to alloc_workqueue users"
Previous message: Manivannan Sadhasivam: "Re: [PATCH] PCI: endpoint: add WQ_PERCPU to alloc_workqueue users"
Next in thread: Christian Schoenebeck: " Re: [PATCH] net: 9p: Fix a possible null-pointer dereference in p9_cm_event_handler()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In p9_cm_event_handler(), rdma is checked in the RDMA_CM_EVENT_DISCONNECTED
case, indicating that it may be NULL. If this happens, a null-pointer
dereference can occur when complete() is called:

complete(&rdma->cm_done);

To prevent such a potential null-pointer dereference, add a defensive check
before invoking complete().

Signed-off-by: Tuo Li <islituo@xxxxxxxxx>
---
net/9p/trans_rdma.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/net/9p/trans_rdma.c b/net/9p/trans_rdma.c
index 4d406479f83b..b5ceae1cccbb 100644
--- a/net/9p/trans_rdma.c
+++ b/net/9p/trans_rdma.c
@@ -170,7 +170,8 @@ p9_cm_event_handler(struct rdma_cm_id *id, struct rdma_cm_event *event)
default:
BUG();
}
- complete(&rdma->cm_done);
+ if (rdma)
+ complete(&rdma->cm_done);
return 0;
}

--
2.43.0

Next message: Manivannan Sadhasivam: "Re: [PATCH] PCI: endpoint: epf-mhi: add WQ_PERCPU to alloc_workqueue users"
Previous message: Manivannan Sadhasivam: "Re: [PATCH] PCI: endpoint: add WQ_PERCPU to alloc_workqueue users"
Next in thread: Christian Schoenebeck: " Re: [PATCH] net: 9p: Fix a possible null-pointer dereference in p9_cm_event_handler()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]