Patchwork Fix possible null pointer dereference in ehea_qmr.c

login
register
mail settings
Submitter Huzaifa Sidhpurwala
Date March 14, 2011, 7:46 a.m.
Message ID <1300088764-9330-1-git-send-email-huzaifas@redhat.com>
Download mbox | patch
Permalink /patch/86684/
State Changes Requested
Delegated to: David Miller
Headers show

Comments

Huzaifa Sidhpurwala - March 14, 2011, 7:46 a.m.
From: Huzaifa Sidhpurwala <huzaifas@redhat.com>

If queue is zero, dont reference it

Signed-off-by: Huzaifa Sidhpurwala <huzaifas@redhat.com>
---
 drivers/net/ehea/ehea_qmr.c |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

--
1.7.3.4
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
David Miller - March 14, 2011, 10:34 p.m.
From: huzaifas@redhat.com
Date: Mon, 14 Mar 2011 13:16:04 +0530

> From: Huzaifa Sidhpurwala <huzaifas@redhat.com>
> 
> If queue is zero, dont reference it
> 
> Signed-off-by: Huzaifa Sidhpurwala <huzaifas@redhat.com>

There is no code path where hw_queue_dtor() is called with a NULL
"queue".  I've checked all of the code paths.

Therefore it's better to simply remove the NULL check.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Patch

diff --git a/drivers/net/ehea/ehea_qmr.c b/drivers/net/ehea/ehea_qmr.c
index cd44bb8..fd0815d 100644
--- a/drivers/net/ehea/ehea_qmr.c
+++ b/drivers/net/ehea/ehea_qmr.c
@@ -106,12 +106,13 @@  out_nomem:

 static void hw_queue_dtor(struct hw_queue *queue)
 {
-	int pages_per_kpage = PAGE_SIZE / queue->pagesize;
+	int pages_per_kpage;
        int i, nr_pages;

        if (!queue || !queue->queue_pages)
                return;

+	pages_per_kpage = PAGE_SIZE / queue->pagesize;
        nr_pages = queue->queue_length / queue->pagesize;

        for (i = 0; i < nr_pages; i += pages_per_kpage)