* [bug report] nvme-fc: improve memory usage in nvme_fc_rcv_ls_req()
@ 2022-12-02 9:58 Dan Carpenter
2022-12-02 14:11 ` Chaitanya Kulkarni
0 siblings, 1 reply; 2+ messages in thread
From: Dan Carpenter @ 2022-12-02 9:58 UTC (permalink / raw)
To: christophe.jaillet; +Cc: linux-nvme
Hello Christophe JAILLET,
The patch cf3d00840170: "nvme-fc: improve memory usage in
nvme_fc_rcv_ls_req()" from Oct 2, 2022, leads to the following Smatch
static checker warning:
drivers/nvme/host/fc.c:1757 nvme_fc_rcv_ls_req() error: potential null dereference 'lsop'. (kzalloc returns null)
drivers/nvme/host/fc.c:1759 nvme_fc_rcv_ls_req() warn: variable dereferenced before check 'lsop' (see line 1757)
drivers/nvme/host/fc.c
1747 if (lsreqbuf_len > sizeof(union nvmefc_ls_requests)) {
1748 dev_info(lport->dev,
1749 "RCV %s LS failed: payload too large\n",
1750 (w0->ls_cmd <= NVME_FC_LAST_LS_CMD_VALUE) ?
1751 nvmefc_ls_names[w0->ls_cmd] : "");
1752 ret = -E2BIG;
1753 goto out_put;
1754 }
1755
1756 lsop = kzalloc(sizeof(*lsop), GFP_KERNEL);
--> 1757 lsop->rqstbuf = kzalloc(sizeof(*lsop->rqstbuf), GFP_KERNEL);
^^^^^^^^^^^^^
1758 lsop->rspbuf = kzalloc(sizeof(*lsop->rspbuf), GFP_KERNEL);
1759 if (!lsop || !lsop->rqstbuf || !lsop->rspbuf) {
^^^^
1760 dev_info(lport->dev,
1761 "RCV %s LS failed: No memory\n",
1762 (w0->ls_cmd <= NVME_FC_LAST_LS_CMD_VALUE) ?
1763 nvmefc_ls_names[w0->ls_cmd] : "");
1764 ret = -ENOMEM;
1765 goto out_free;
1766 }
1767
regards,
dan carpenter
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [bug report] nvme-fc: improve memory usage in nvme_fc_rcv_ls_req()
2022-12-02 9:58 [bug report] nvme-fc: improve memory usage in nvme_fc_rcv_ls_req() Dan Carpenter
@ 2022-12-02 14:11 ` Chaitanya Kulkarni
0 siblings, 0 replies; 2+ messages in thread
From: Chaitanya Kulkarni @ 2022-12-02 14:11 UTC (permalink / raw)
To: Dan Carpenter; +Cc: christophe.jaillet, linux-nvme
> On Dec 2, 2022, at 1:59 AM, Dan Carpenter <error27@gmail.com> wrote:
>
> Hello Christophe JAILLET,
>
> The patch cf3d00840170: "nvme-fc: improve memory usage in
> nvme_fc_rcv_ls_req()" from Oct 2, 2022, leads to the following Smatch
> static checker warning:
>
> drivers/nvme/host/fc.c:1757 nvme_fc_rcv_ls_req() error: potential null dereference 'lsop'. (kzalloc returns null)
> drivers/nvme/host/fc.c:1759 nvme_fc_rcv_ls_req() warn: variable dereferenced before check 'lsop' (see line 1757)
>
> drivers/nvme/host/fc.c
> 1747 if (lsreqbuf_len > sizeof(union nvmefc_ls_requests)) {
> 1748 dev_info(lport->dev,
> 1749 "RCV %s LS failed: payload too large\n",
> 1750 (w0->ls_cmd <= NVME_FC_LAST_LS_CMD_VALUE) ?
> 1751 nvmefc_ls_names[w0->ls_cmd] : "");
> 1752 ret = -E2BIG;
> 1753 goto out_put;
> 1754 }
> 1755
> 1756 lsop = kzalloc(sizeof(*lsop), GFP_KERNEL);
> --> 1757 lsop->rqstbuf = kzalloc(sizeof(*lsop->rqstbuf), GFP_KERNEL);
> ^^^^^^^^^^^^^
>
> 1758 lsop->rspbuf = kzalloc(sizeof(*lsop->rspbuf), GFP_KERNEL);
> 1759 if (!lsop || !lsop->rqstbuf || !lsop->rspbuf) {
> ^^^^
>
> 1760 dev_info(lport->dev,
> 1761 "RCV %s LS failed: No memory\n",
> 1762 (w0->ls_cmd <= NVME_FC_LAST_LS_CMD_VALUE) ?
> 1763 nvmefc_ls_names[w0->ls_cmd] : "");
> 1764 ret = -ENOMEM;
> 1765 goto out_free;
> 1766 }
> 1767
>
> regards,
> dan carpenter
>
I already sent out a fix on NVMe mailing list ...
-ck
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-12-02 14:12 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-12-02 9:58 [bug report] nvme-fc: improve memory usage in nvme_fc_rcv_ls_req() Dan Carpenter
2022-12-02 14:11 ` Chaitanya Kulkarni
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.