calling scsi_init_one on sc->request_buffer when sc->request_bufflen is zero is
unsafe
Signed-off-by: Or Gerlitz <[EMAIL PROTECTED]>
Index: infiniband-git/drivers/infiniband/ulp/iser/iser_initiator.c
===================================================================
--- infiniband-git.orig/drivers/infiniband/ulp/iser/iser_initiator.c
2006-06-20 12:26:17.000000000 +0300
+++ infiniband-git/drivers/infiniband/ulp/iser/iser_initiator.c 2006-06-20
12:27:42.000000000 +0300
@@ -391,7 +391,8 @@
if (sc->use_sg) { /* using a scatter list */
data_buf->buf = sc->request_buffer;
data_buf->size = sc->use_sg;
- } else { /* using a single buffer - convert it into one entry SG */
+ } else if (sc->request_bufflen) {
+ /* using a single buffer - convert it into one entry SG */
sg_init_one(&data_buf->sg_single,
sc->request_buffer, sc->request_bufflen);
data_buf->buf = &data_buf->sg_single;
_______________________________________________
openib-general mailing list
[email protected]
http://openib.org/mailman/listinfo/openib-general
To unsubscribe, please visit http://openib.org/mailman/listinfo/openib-general
