check for a target being there before processing TargetAddress

Message-id: <1383729402-27559-12-git-send-email-pbonzini@redhat.com>
Patchwork-id: 55506
O-Subject: [PATCH 11/11] check for a target being there before processing TargetAddress
Bugzilla: 1026820
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
RH-Acked-by: Orit Wasserman <owasserm@redhat.com>
RH-Acked-by: Stefan Hajnoczi <stefanha@redhat.com>

Otherwise we access a NULL pointer.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit 87ee6456217debfbb9a0180933ed84281e45a705)
---
 lib/discovery.c | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/lib/discovery.c b/lib/discovery.c
index 7396e71..178faef 100644
--- a/lib/discovery.c
+++ b/lib/discovery.c
@@ -169,6 +169,14 @@ iscsi_process_text_reply(struct iscsi_context *iscsi, struct iscsi_pdu *pdu,
 			target->next = targets;
 			targets = target;
 		} else if (!strncmp((char *)ptr, "TargetAddress=", 14)) {
+			if (targets == NULL || targets->target_address != NULL) {
+				iscsi_set_error(iscsi, "Invalid discovery "
+						"reply");
+				pdu->callback(iscsi, SCSI_STATUS_ERROR, NULL,
+					      pdu->private_data);
+				iscsi_free_discovery_addresses(iscsi, targets);
+				return -1;
+			}
 			targets->target_address = iscsi_strdup(iscsi, (char *)ptr+14);
 			if (targets->target_address == NULL) {
 				iscsi_set_error(iscsi, "Failed to allocate "
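Review bot: The second half of the new guard, `targets->target_address != NULL`, fails the whole discovery when one TargetName is followed by more than one TargetAddress, which RFC 3720 SendTargets responses may contain for multi-portal targets. The guard does stop the NULL dereference, and it appears to avoid overwriting an earlier address, but both cases log the same "Invalid discovery reply" text, so a malformed reply cannot be told apart from a valid one the library does not support. I would add a comment above the guard, `/* TargetAddress must follow a TargetName; only one address per target is kept, so a repeat is rejected */`, and give the two conditions separate error strings. Since the reply is supplied by the remote target, it is also worth confirming that the code outside this hunk bounds and NUL-terminates the data at `ptr` before the `strncmp` and `iscsi_strdup` calls; iscsi_process_text_reply starts and ends outside the hunk.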