Re: [PATCH] scsi: mpt2sas: mpt2sas_base.c: Fix for possible null pointer dereference
2014-07-03 19:45 GMT+02:00 Joe Lawrence :
> On Wed, 28 May 2014, Christoph Hellwig wrote:
>
>> > - ioc_status = le16_to_cpu(mpi_reply->IOCStatus) & MPI2_IOCSTATUS_MASK;
>> > + if (mpi_reply) {
>> > + ioc_status = le16_to_cpu(mpi_reply->IOCStatus) &
>> > MPI2_IOCSTATUS_MASK;
>> > + }
>> >
>> > if (ioc_status != MPI2_IOCSTATUS_SUCCESS)
>> > ioc->port_enable_failed = 1;
>>
>> ioc_status isn't initialized without the reply and used here as well
>> as later in the function. I think we'll need input from LSI or others
>> with the spec on what to do when we didn't get a reply.
>
> Any update on this?
>
> The mpt3 version checks for !mpi_reply and returns 1. Which leads to
> another question -- should mpt{2,3}sas_port_enable_done ever return 0 (as
> their
> respective comments describe)?
>
> Regards,
>
> -- Joe
Hi
Good questions Joe!
And good someone else brought this up, because I guess it's not meant to me.
And it looks however now that I've done quite a few more patches that
there should not have been any {}
And then, it is perhaps good to sett a start value for ioc_status. My
suggestion is:
u16 ioc_status = MPI2_IOCSTATUS_OP_STATE_NOT_SUPPORTED;
Kind regards
Rickard Strandqvist
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH] scsi: mpt2sas: mpt2sas_base.c: Fix for possible null pointer dereference
On Wed, 28 May 2014, Christoph Hellwig wrote:
> > - ioc_status = le16_to_cpu(mpi_reply->IOCStatus) & MPI2_IOCSTATUS_MASK;
> > + if (mpi_reply) {
> > + ioc_status = le16_to_cpu(mpi_reply->IOCStatus) &
> > MPI2_IOCSTATUS_MASK;
> > + }
> >
> > if (ioc_status != MPI2_IOCSTATUS_SUCCESS)
> > ioc->port_enable_failed = 1;
>
> ioc_status isn't initialized without the reply and used here as well
> as later in the function. I think we'll need input from LSI or others
> with the spec on what to do when we didn't get a reply.
Any update on this?
The mpt3 version checks for !mpi_reply and returns 1. Which leads to
another question -- should mpt{2,3}sas_port_enable_done ever return 0 (as their
respective comments describe)?
Regards,
-- Joe
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH] scsi: mpt2sas: mpt2sas_base.c: Fix for possible null pointer dereference
On Wed, 28 May 2014, Christoph Hellwig wrote:
- ioc_status = le16_to_cpu(mpi_reply-IOCStatus) MPI2_IOCSTATUS_MASK;
+ if (mpi_reply) {
+ ioc_status = le16_to_cpu(mpi_reply-IOCStatus)
MPI2_IOCSTATUS_MASK;
+ }
if (ioc_status != MPI2_IOCSTATUS_SUCCESS)
ioc-port_enable_failed = 1;
ioc_status isn't initialized without the reply and used here as well
as later in the function. I think we'll need input from LSI or others
with the spec on what to do when we didn't get a reply.
Any update on this?
The mpt3 version checks for !mpi_reply and returns 1. Which leads to
another question -- should mpt{2,3}sas_port_enable_done ever return 0 (as their
respective comments describe)?
Regards,
-- Joe
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH] scsi: mpt2sas: mpt2sas_base.c: Fix for possible null pointer dereference
2014-07-03 19:45 GMT+02:00 Joe Lawrence joe.lawre...@stratus.com:
On Wed, 28 May 2014, Christoph Hellwig wrote:
- ioc_status = le16_to_cpu(mpi_reply-IOCStatus) MPI2_IOCSTATUS_MASK;
+ if (mpi_reply) {
+ ioc_status = le16_to_cpu(mpi_reply-IOCStatus)
MPI2_IOCSTATUS_MASK;
+ }
if (ioc_status != MPI2_IOCSTATUS_SUCCESS)
ioc-port_enable_failed = 1;
ioc_status isn't initialized without the reply and used here as well
as later in the function. I think we'll need input from LSI or others
with the spec on what to do when we didn't get a reply.
Any update on this?
The mpt3 version checks for !mpi_reply and returns 1. Which leads to
another question -- should mpt{2,3}sas_port_enable_done ever return 0 (as
their
respective comments describe)?
Regards,
-- Joe
Hi
Good questions Joe!
And good someone else brought this up, because I guess it's not meant to me.
And it looks however now that I've done quite a few more patches that
there should not have been any {}
And then, it is perhaps good to sett a start value for ioc_status. My
suggestion is:
u16 ioc_status = MPI2_IOCSTATUS_OP_STATE_NOT_SUPPORTED;
Kind regards
Rickard Strandqvist
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH] scsi: mpt2sas: mpt2sas_base.c: Fix for possible null pointer dereference
> - ioc_status = le16_to_cpu(mpi_reply->IOCStatus) & MPI2_IOCSTATUS_MASK;
> + if (mpi_reply) {
> + ioc_status = le16_to_cpu(mpi_reply->IOCStatus) &
> MPI2_IOCSTATUS_MASK;
> + }
>
> if (ioc_status != MPI2_IOCSTATUS_SUCCESS)
> ioc->port_enable_failed = 1;
ioc_status isn't initialized without the reply and used here as well
as later in the function. I think we'll need input from LSI or others
with the spec on what to do when we didn't get a reply.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH] scsi: mpt2sas: mpt2sas_base.c: Fix for possible null pointer dereference
- ioc_status = le16_to_cpu(mpi_reply-IOCStatus) MPI2_IOCSTATUS_MASK;
+ if (mpi_reply) {
+ ioc_status = le16_to_cpu(mpi_reply-IOCStatus)
MPI2_IOCSTATUS_MASK;
+ }
if (ioc_status != MPI2_IOCSTATUS_SUCCESS)
ioc-port_enable_failed = 1;
ioc_status isn't initialized without the reply and used here as well
as later in the function. I think we'll need input from LSI or others
with the spec on what to do when we didn't get a reply.
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[PATCH] scsi: mpt2sas: mpt2sas_base.c: Fix for possible null pointer dereference
There is otherwise a risk of a possible null pointer dereference.
Was largely found by using a static code analysis program called cppcheck.
Signed-off-by: Rickard Strandqvist
---
drivers/scsi/mpt2sas/mpt2sas_base.c |4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/drivers/scsi/mpt2sas/mpt2sas_base.c
b/drivers/scsi/mpt2sas/mpt2sas_base.c
index bde63f7..7ccc7e4 100644
--- a/drivers/scsi/mpt2sas/mpt2sas_base.c
+++ b/drivers/scsi/mpt2sas/mpt2sas_base.c
@@ -3581,7 +3581,9 @@ mpt2sas_port_enable_done(struct MPT2SAS_ADAPTER *ioc, u16
smid, u8 msix_index,
}
ioc->port_enable_cmds.status &= ~MPT2_CMD_PENDING;
- ioc_status = le16_to_cpu(mpi_reply->IOCStatus) & MPI2_IOCSTATUS_MASK;
+ if (mpi_reply) {
+ ioc_status = le16_to_cpu(mpi_reply->IOCStatus) &
MPI2_IOCSTATUS_MASK;
+ }
if (ioc_status != MPI2_IOCSTATUS_SUCCESS)
ioc->port_enable_failed = 1;
--
1.7.10.4
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[PATCH] scsi: mpt2sas: mpt2sas_base.c: Fix for possible null pointer dereference
There is otherwise a risk of a possible null pointer dereference.
Was largely found by using a static code analysis program called cppcheck.
Signed-off-by: Rickard Strandqvist rickard_strandqv...@spectrumdigital.se
---
drivers/scsi/mpt2sas/mpt2sas_base.c |4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/drivers/scsi/mpt2sas/mpt2sas_base.c
b/drivers/scsi/mpt2sas/mpt2sas_base.c
index bde63f7..7ccc7e4 100644
--- a/drivers/scsi/mpt2sas/mpt2sas_base.c
+++ b/drivers/scsi/mpt2sas/mpt2sas_base.c
@@ -3581,7 +3581,9 @@ mpt2sas_port_enable_done(struct MPT2SAS_ADAPTER *ioc, u16
smid, u8 msix_index,
}
ioc-port_enable_cmds.status = ~MPT2_CMD_PENDING;
- ioc_status = le16_to_cpu(mpi_reply-IOCStatus) MPI2_IOCSTATUS_MASK;
+ if (mpi_reply) {
+ ioc_status = le16_to_cpu(mpi_reply-IOCStatus)
MPI2_IOCSTATUS_MASK;
+ }
if (ioc_status != MPI2_IOCSTATUS_SUCCESS)
ioc-port_enable_failed = 1;
--
1.7.10.4
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
