From c55b18181281b2fffadb9e0e8955d74b8b719349 Mon Sep 17 00:00:00 2001 From: Vishal Verma Date: Fri, 17 Dec 2021 19:25:11 -0700 Subject: [PATCH 061/217] libcxl: fix potential NULL dereference in cxl_memdev_nvdimm_bridge_active() Static analysis points out that the function above has a check for 'if (!bridge)', implying that bridge maybe NULL, but it is dereferenced before the check, which could result in a NULL dereference. Fix this by moving any accesses to the bridge structure after the NULL check. Link: https://lore.kernel.org/r/20211218022511.314928-1-vishal.l.verma@intel.com Cc: Dan Williams Reviewed-by: Dan Williams Signed-off-by: Vishal Verma --- cxl/lib/libcxl.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/cxl/lib/libcxl.c b/cxl/lib/libcxl.c index f0664be..3390eb9 100644 --- a/cxl/lib/libcxl.c +++ b/cxl/lib/libcxl.c @@ -420,12 +420,15 @@ CXL_EXPORT int cxl_memdev_nvdimm_bridge_active(struct cxl_memdev *memdev) { struct cxl_ctx *ctx = cxl_memdev_get_ctx(memdev); struct cxl_nvdimm_bridge *bridge = memdev->bridge; - char *path = bridge->dev_buf; - int len = bridge->buf_len; + char *path; + int len; if (!bridge) return 0; + path = bridge->dev_buf; + len = bridge->buf_len; + if (snprintf(path, len, "%s/driver", bridge->dev_path) >= len) { err(ctx, "%s: nvdimm bridge buffer too small!\n", cxl_memdev_get_devname(memdev)); -- 2.27.0