From: James Bottomley <James.Bottomley@suse.de>
To: "Moger, Babu" <Babu.Moger@lsi.com>
Cc: Dan Carpenter <error27@gmail.com>,
Mike Snitzer <snitzer@redhat.com>,
Menny Hamburger <Menny_Hamburger@Dell.com>,
"linux-scsi@vger.kernel.org" <linux-scsi@vger.kernel.org>,
"kernel-janitors@vger.kernel.org"
<kernel-janitors@vger.kernel.org>
Subject: RE: [patch] [SCSI] scsi_dh: potential null dereference in
Date: Tue, 04 Jan 2011 19:58:41 +0000 [thread overview]
Message-ID: <1294171121.7879.6.camel@mulgrave.site> (raw)
In-Reply-To: <E463DF2B2E584B4A82673F53D62C2EF4F5583074@cosmail01.lsi.com>
On Tue, 2011-01-04 at 12:50 -0700, Moger, Babu wrote:
> > -----Original Message-----
> > From: James Bottomley [mailto:James.Bottomley@suse.de]
> > Sent: Tuesday, January 04, 2011 10:25 AM
> > To: Moger, Babu
> > Cc: Dan Carpenter; Mike Snitzer; Menny Hamburger; linux-
> > scsi@vger.kernel.org; kernel-janitors@vger.kernel.org
> > Subject: RE: [patch] [SCSI] scsi_dh: potential null dereference in
> > scsi_dh_activate()
> >
> > On Tue, 2011-01-04 at 09:13 -0700, Moger, Babu wrote:
> > > Looks good to me.
> >
> > It does? The first check is the bogus one, surely. The queue is
> > created and destroyed by scsi_alloc_sdev(), so queuedata can never be
> > NULL for a SCSI queue. There's no check anywhere in the rest of SCSI,
> > so there shouldn't be one here, should there?
>
> You are right. This check may not be required.
>
> But I am not sure why there is a check in scsi_device_from_queue.
> Is there a possibility of request_fn other than scsi_request_fn for scsi device? I don’t know. Here is the code..
>
> struct scsi_device *scsi_device_from_queue(struct request_queue *q)
> {
> struct scsi_device *sdev = NULL;
>
> if (q->request_fn = scsi_request_fn)
> sdev = q->queuedata;
>
> return sdev;
It can be called for any queue so it returns NULL for a non-SCSI queue.
If you think the queue scsi_dh_activate() is called on may be a non-scsi
one, then you need to use scsi_device_from_queue() and check the result.
Checking q->queuedata for NULL isn't sufficient because other devices
are perfectly entitled to use q->queuedata for their own purposes. If
you know you have a SCSI queue, you can just pick sdev out of
q->queuedata.
James
--
To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
prev parent reply other threads:[~2011-01-04 19:58 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-01-03 5:48 [patch] [SCSI] scsi_dh: potential null dereference in Dan Carpenter
2011-01-04 16:13 ` Moger, Babu
2011-01-04 16:24 ` James Bottomley
2011-01-04 19:50 ` Moger, Babu
2011-01-04 19:58 ` James Bottomley [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1294171121.7879.6.camel@mulgrave.site \
--to=james.bottomley@suse.de \
--cc=Babu.Moger@lsi.com \
--cc=Menny_Hamburger@Dell.com \
--cc=error27@gmail.com \
--cc=kernel-janitors@vger.kernel.org \
--cc=linux-scsi@vger.kernel.org \
--cc=snitzer@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox