From patchwork Sat Feb 5 03:18:28 2011 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ajit Khaparde X-Patchwork-Id: 81993 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id E3C51B7126 for ; Sat, 5 Feb 2011 14:19:26 +1100 (EST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753061Ab1BEDS6 (ORCPT ); Fri, 4 Feb 2011 22:18:58 -0500 Received: from exht1.emulex.com ([138.239.113.183]:13211 "EHLO exht1.ad.emulex.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1751523Ab1BEDS5 (ORCPT ); Fri, 4 Feb 2011 22:18:57 -0500 Received: from akhaparde-VBox (138.239.115.181) by exht1.ad.emulex.com (138.239.113.183) with Microsoft SMTP Server (TLS) id 8.3.137.0; Fri, 4 Feb 2011 19:18:36 -0800 Date: Fri, 4 Feb 2011 21:18:28 -0600 From: Ajit Khaparde To: , CC: Subject: Re: [PATCH] ServerEngines, benet: Avoid potential null deref in be_cmd_get_seeprom_data() Message-ID: <20110205031828.GA12772@akhaparde-VBox> Reply-To: Ajit Khaparde MIME-Version: 1.0 Content-Disposition: inline X-URL: http://www.emulex.com Organization: Emulex Corp User-Agent: "Ajit's Mutt" X-OS: Linux i686 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org > From: Jesper Juhl [jj@chaosbits.net] > ent: Thursday, February 03, 2011 3:27 PM > To: netdev@vger.kernel.org > Cc: linux-drivers; linux-kernel@vger.kernel.org; Khaparde, Ajit; Bandi, Sarveshwar; Seetharaman, Subramanian; Perla, Sathya > Subject: [PATCH] ServerEngines, benet: Avoid potential null deref in be_cmd_get_seeprom_data() > wrb_from_mccq() may return null, so we may crash on a null deref in > be_cmd_get_seeprom_data(). > This avoids that potential crash. > Signed-off-by: Jesper Juhl Thanks Jesper. But because we have acquired a lock, we need to release it. I would suggest considering the following patch. --- [PATCH] ServerEngines, benet: Avoid potential null deref in be_cmd_get_seeprom_data() Found by: Jesper Juhl Signed-off-by: Ajit Khaparde --- drivers/net/benet/be_cmds.c | 5 +++++ 1 files changed, 5 insertions(+), 0 deletions(-) diff --git a/drivers/net/benet/be_cmds.c b/drivers/net/benet/be_cmds.c index 0c7811f..a179cc6 100644 --- a/drivers/net/benet/be_cmds.c +++ b/drivers/net/benet/be_cmds.c @@ -1786,6 +1786,10 @@ int be_cmd_get_seeprom_data(struct be_adapter *adapter, spin_lock_bh(&adapter->mcc_lock); wrb = wrb_from_mccq(adapter); + if (!wrb) { + status = -EBUSY; + goto err; + } req = nonemb_cmd->va; sge = nonembedded_sgl(wrb); @@ -1801,6 +1805,7 @@ int be_cmd_get_seeprom_data(struct be_adapter *adapter, status = be_mcc_notify_wait(adapter); +err: spin_unlock_bh(&adapter->mcc_lock); return status; }