UbiquitousOS
/
OpenCloudOS-Kernel
mirror of https://gitee.com/OpenCloudOS/OpenCloudOS-Kernel.git
11
0
Fork 0
Code Issues Projects Releases Wiki Activity

[SCSI] gdth: Allocate sense_buffer to prevent NULL pointer dereference 

Fix NULL pointer dereference during execution of Internal commands,
where gdth only allocates scp, but not scp->sense_buffer. The rest of
the code assumes that sense_buffer is allocated, which leads to a kernel
oops e.g. on reboot (during cache flush).

Signed-off-by: Sven Schnelle <svens@stackframe.org>
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
This commit is contained in:
Sven Schnelle 2008-03-10 22:50:04 +01:00 committed by James Bottomley
parent 4d3995b14b
commit 1b96f8955a
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
drivers/scsi/gdth.c
View File

@ -493,6 +493,12 @@ int __gdth_execute(struct scsi_device *sdev, gdth_cmd_str *gdtcmd, char *cmnd,
if (!scp) if (!scp)
return -ENOMEM; return -ENOMEM;
scp->sense_buffer = kzalloc(SCSI_SENSE_BUFFERSIZE, GFP_KERNEL);
if (!scp->sense_buffer) {
kfree(scp);
return -ENOMEM;
}
scp->device = sdev; scp->device = sdev;
memset(&cmndinfo, 0, sizeof(cmndinfo)); memset(&cmndinfo, 0, sizeof(cmndinfo));
@ -513,6 +519,7 @@ int __gdth_execute(struct scsi_device *sdev, gdth_cmd_str *gdtcmd, char *cmnd,
rval = cmndinfo.status; rval = cmndinfo.status;
if (info) if (info)
*info = cmndinfo.info; *info = cmndinfo.info;
kfree(scp->sense_buffer);
kfree(scp); kfree(scp);
return rval; return rval;
} }