https://bugzilla.kernel.org/show_bug.cgi?id=200317
Bug ID: 200317
Summary: Null pointer dereference error in
linux/drivers/scsi/scsi_transport_fc.c
Product: SCSI Drivers
Version: 2.5
Kernel Version: 4.17.3
Hardware: All
OS: Linux
Tree: Mainline
Status: NEW
Severity: normal
Priority: P1
Component: Other
Assignee: [email protected]
Reporter: [email protected]
Regression: No
In function fc_eh_timed_out , which is defined in
linux/drivers/scsi/scsi_transport_fc.c
2083-2086,
struct fc_rport *rport = starget_to_rport(scsi_target(scmd->device));
if (rport->port_state == FC_PORTSTATE_BLOCKED)
return BLK_EH_RESET_TIMER;
starget_to_rport is a macro defined in linux/include/scsi/scsi_transport_fc.h,
#define starget_to_rport(s) \
scsi_is_fc_rport(s->dev.parent) ? dev_to_rport(s->dev.parent) : NULL
Since starget_to_rport may return a NULL value, the variable rport may be
assigned NULL. Thus there is a potential Null Pointer Deref error in if
(rport->port_state == FC_PORTSTATE_BLOCKED). There should be a NULL value check
for rport .
--
You are receiving this mail because:
You are watching the assignee of the bug.
