|
 |
dc245c |
check for a target being there before processing TargetAddress
|
|
|
dc245c |
|
|
|
dc245c |
Message-id: <1383729402-27559-12-git-send-email-pbonzini@redhat.com>
|
|
|
dc245c |
Patchwork-id: 55506
|
|
|
dc245c |
O-Subject: [PATCH 11/11] check for a target being there before processing TargetAddress
|
|
|
dc245c |
Bugzilla: 1026820
|
|
|
dc245c |
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
|
|
|
dc245c |
RH-Acked-by: Orit Wasserman <owasserm@redhat.com>
|
|
|
dc245c |
RH-Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
|
|
|
dc245c |
|
|
|
dc245c |
Otherwise we access a NULL pointer.
|
|
|
dc245c |
|
|
|
dc245c |
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
|
|
dc245c |
(cherry picked from commit 87ee6456217debfbb9a0180933ed84281e45a705)
|
|
|
dc245c |
---
|
|
|
dc245c |
lib/discovery.c | 8 ++++++++
|
|
|
dc245c |
1 file changed, 8 insertions(+)
|
|
|
dc245c |
diff --git a/lib/discovery.c b/lib/discovery.c
|
|
|
dc245c |
index 7396e71..178faef 100644
|
|
|
dc245c |
--- a/lib/discovery.c
|
|
|
dc245c |
+++ b/lib/discovery.c
|
|
|
dc245c |
@@ -169,6 +169,14 @@ iscsi_process_text_reply(struct iscsi_context *iscsi, struct iscsi_pdu *pdu,
|
|
|
dc245c |
target->next = targets;
|
|
|
dc245c |
targets = target;
|
|
|
dc245c |
} else if (!strncmp((char *)ptr, "TargetAddress=", 14)) {
|
|
|
dc245c |
+ if (targets == NULL || targets->target_address != NULL) {
|
|
|
dc245c |
+ iscsi_set_error(iscsi, "Invalid discovery "
|
|
|
dc245c |
+ "reply");
|
|
|
dc245c |
+ pdu->callback(iscsi, SCSI_STATUS_ERROR, NULL,
|
|
|
dc245c |
+ pdu->private_data);
|
|
|
dc245c |
+ iscsi_free_discovery_addresses(iscsi, targets);
|
|
|
dc245c |
+ return -1;
|
|
|
dc245c |
+ }
|
|
|
dc245c |
targets->target_address = iscsi_strdup(iscsi, (char *)ptr+14);
|
|
|
dc245c |
if (targets->target_address == NULL) {
|
|
|
dc245c |
iscsi_set_error(iscsi, "Failed to allocate "
|