* [PATCH] 9p: potential NULL dereference
@ 2018-09-26 10:39 ` Dan Carpenter
0 siblings, 0 replies; 4+ messages in thread
From: Dan Carpenter @ 2018-09-26 10:39 UTC (permalink / raw)
To: Eric Van Hensbergen, Matthew Wilcox
Cc: Latchesar Ionkov, Dominique Martinet, David S. Miller,
v9fs-developer, netdev, kernel-janitors
p9_tag_alloc() is supposed to return error pointers, but we accidentally
return a NULL here. It would cause a NULL dereference in the caller.
Fixes: 996d5b4db4b1 ("9p: Use a slab for allocating requests")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
diff --git a/net/9p/client.c b/net/9p/client.c
index 47fa6158a75a..5f23e18eecc0 100644
--- a/net/9p/client.c
+++ b/net/9p/client.c
@@ -281,7 +281,7 @@ p9_tag_alloc(struct p9_client *c, int8_t type, unsigned int max_size)
int tag;
if (!req)
- return NULL;
+ return ERR_PTR(-ENOMEM);
if (p9_fcall_init(c, &req->tc, alloc_msize))
goto free_req;
^ permalink raw reply related [flat|nested] 4+ messages in thread
* [PATCH] 9p: potential NULL dereference
@ 2018-09-26 10:39 ` Dan Carpenter
0 siblings, 0 replies; 4+ messages in thread
From: Dan Carpenter @ 2018-09-26 10:39 UTC (permalink / raw)
To: Eric Van Hensbergen, Matthew Wilcox
Cc: Latchesar Ionkov, Dominique Martinet, David S. Miller,
v9fs-developer, netdev, kernel-janitors
p9_tag_alloc() is supposed to return error pointers, but we accidentally
return a NULL here. It would cause a NULL dereference in the caller.
Fixes: 996d5b4db4b1 ("9p: Use a slab for allocating requests")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
diff --git a/net/9p/client.c b/net/9p/client.c
index 47fa6158a75a..5f23e18eecc0 100644
--- a/net/9p/client.c
+++ b/net/9p/client.c
@@ -281,7 +281,7 @@ p9_tag_alloc(struct p9_client *c, int8_t type, unsigned int max_size)
int tag;
if (!req)
- return NULL;
+ return ERR_PTR(-ENOMEM);
if (p9_fcall_init(c, &req->tc, alloc_msize))
goto free_req;
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] 9p: potential NULL dereference
2018-09-26 10:39 ` Dan Carpenter
@ 2018-09-26 21:07 ` Dominique Martinet
-1 siblings, 0 replies; 4+ messages in thread
From: Dominique Martinet @ 2018-09-26 21:07 UTC (permalink / raw)
To: Dan Carpenter
Cc: Eric Van Hensbergen, Matthew Wilcox, Latchesar Ionkov,
David S. Miller, v9fs-developer, netdev, kernel-janitors
Dan Carpenter wrote on Wed, Sep 26, 2018:
> p9_tag_alloc() is supposed to return error pointers, but we accidentally
> return a NULL here. It would cause a NULL dereference in the caller.
>
> Fixes: 996d5b4db4b1 ("9p: Use a slab for allocating requests")
> Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Good catch, the culprit commit is only in -next so just adding this to
the queue right away.
Thanks!
--
Dominique
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] 9p: potential NULL dereference
@ 2018-09-26 21:07 ` Dominique Martinet
0 siblings, 0 replies; 4+ messages in thread
From: Dominique Martinet @ 2018-09-26 21:07 UTC (permalink / raw)
To: Dan Carpenter
Cc: Eric Van Hensbergen, Matthew Wilcox, Latchesar Ionkov,
David S. Miller, v9fs-developer, netdev, kernel-janitors
Dan Carpenter wrote on Wed, Sep 26, 2018:
> p9_tag_alloc() is supposed to return error pointers, but we accidentally
> return a NULL here. It would cause a NULL dereference in the caller.
>
> Fixes: 996d5b4db4b1 ("9p: Use a slab for allocating requests")
> Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Good catch, the culprit commit is only in -next so just adding this to
the queue right away.
Thanks!
--
Dominique
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2018-09-27 3:22 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-09-26 10:39 [PATCH] 9p: potential NULL dereference Dan Carpenter
2018-09-26 10:39 ` Dan Carpenter
2018-09-26 21:07 ` Dominique Martinet
2018-09-26 21:07 ` Dominique Martinet
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.