anitazha / rpms / ndctl

Blame 0061-libcxl-fix-potential-NULL-dereference-in-cxl_memdev_.patch

Jeff Moyer 2c91dc
From c55b18181281b2fffadb9e0e8955d74b8b719349 Mon Sep 17 00:00:00 2001
From: Vishal Verma <vishal.l.verma@intel.com>
Date: Fri, 17 Dec 2021 19:25:11 -0700
Subject: [PATCH 061/217] libcxl: fix potential NULL dereference in
 cxl_memdev_nvdimm_bridge_active()
Static analysis points out that the function above has a check for
'if (!bridge)', implying that bridge may be NULL, but it is dereferenced
before the check, which could result in a NULL dereference.
Fix this by moving any accesses to the bridge structure after the NULL
check.
Link: https://lore.kernel.org/r/20211218022511.314928-1-vishal.l.verma@intel.com
Cc: Dan Williams <dan.j.williams@intel.com>
Reviewed-by: Dan Williams <dan.j.williams@intel.com>
Signed-off-by: Vishal Verma <vishal.l.verma@intel.com>
---
 cxl/lib/libcxl.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/cxl/lib/libcxl.c b/cxl/lib/libcxl.c
index f0664be..3390eb9 100644
--- a/cxl/lib/libcxl.c
+++ b/cxl/lib/libcxl.c
@@ -420,12 +420,15 @@ CXL_EXPORT int cxl_memdev_nvdimm_bridge_active(struct cxl_memdev *memdev)
 {
 	struct cxl_ctx *ctx = cxl_memdev_get_ctx(memdev);
 	struct cxl_nvdimm_bridge *bridge = memdev->bridge;
-	char *path = bridge->dev_buf;
-	int len = bridge->buf_len;
+	char *path;
+	int len;
 
 	if (!bridge)
 		return 0;
 
+	path = bridge->dev_buf;
+	len = bridge->buf_len;
+
 	if (snprintf(path, len, "%s/driver", bridge->dev_path) >= len) {
 		err(ctx, "%s: nvdimm bridge buffer too small!\n",
 				cxl_memdev_get_devname(memdev));
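Review bot: the unchanged initializer `struct cxl_nvdimm_bridge *bridge = memdev->bridge;` at the top of the function still dereferences `memdev` before any check, so the dereference-before-check pattern this patch removes for `bridge` remains one level up. If callers must pass a non-NULL `memdev`, state that in the function's documentation; otherwise add a guard for `memdev` ahead of the initializers. A smaller point on the context line `if (snprintf(path, len, "%s/driver", bridge->dev_path) >= len)`: a negative return from snprintf compares as less than `len` and is treated as success, so checking for `< 0` as well would make the truncation test complete.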
-- 
2.27.0