* WTF is going with sock->file "allocation" by iscsi_target_login.c?
@ 2011-12-30 1:34 Al Viro
0 siblings, 0 replies; only message in thread
From: Al Viro @ 2011-12-30 1:34 UTC (permalink / raw)
To: netdev; +Cc: linux-fsdevel, open-iscsi, Nicholas Bellinger
In iscsi_target_setup_login_socket()
/*
* The SCTP stack needs struct socket->file.
*/
if ((np->np_network_transport == ISCSI_SCTP_TCP) ||
(np->np_network_transport == ISCSI_SCTP_UDP)) {
if (!sock->file) {
sock->file = kzalloc(sizeof(struct file), GFP_KERNEL);
and similar bit slightly below are utterly bogus. In the best case the comment
is BS and SCTP actually doesn't give a damn about having non-NULL sock->file.
Assuming that this Fine Piece Of Software actually manages to deal with
all codepaths that might kill that sock, that is.
In the worst case, we end up leaking stuff or passing that object to something
that expect real struct file *. In which case we are well and truly screwed.
Could somebody familiar with the code in question (iscsi and sctp) explain
what the hell is going on?
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2011-12-30 1:34 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-12-30 1:34 WTF is going with sock->file "allocation" by iscsi_target_login.c? Al Viro
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).