* [PATCH] mmc: block: blk-mq: Potential NULL deref on mmc_blk_alloc_req() failure
@ 2017-12-08 11:55 Dan Carpenter
2017-12-08 12:02 ` Adrian Hunter
2017-12-11 12:29 ` Ulf Hansson
0 siblings, 2 replies; 3+ messages in thread
From: Dan Carpenter @ 2017-12-08 11:55 UTC (permalink / raw)
To: Ulf Hansson, Adrian Hunter
Cc: Linus Walleij, Shawn Lin, linux-mmc, kernel-janitors
mmc_blk_alloc_req() is supposed to return error pointers but there is
one path where we forget to set the error code and accidentally return
NULL. The callers are not expecting that and will have a NULL pointer
dereference.
Fixes: 23da8bed11f2 ("mmc: block: Simplify cleaning up the queue")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
diff --git a/drivers/mmc/core/block.c b/drivers/mmc/core/block.c
index ab384ba6cb37..6af2b660b1f7 100644
--- a/drivers/mmc/core/block.c
+++ b/drivers/mmc/core/block.c
@@ -3037,6 +3037,7 @@ static struct mmc_blk_data *mmc_blk_alloc_req(struct mmc_card *card,
*/
if (!blk_get_queue(md->queue.queue)) {
mmc_cleanup_queue(&md->queue);
+ ret = -ENODEV;
goto err_putdisk;
}
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] mmc: block: blk-mq: Potential NULL deref on mmc_blk_alloc_req() failure
2017-12-08 11:55 [PATCH] mmc: block: blk-mq: Potential NULL deref on mmc_blk_alloc_req() failure Dan Carpenter
@ 2017-12-08 12:02 ` Adrian Hunter
2017-12-11 12:29 ` Ulf Hansson
1 sibling, 0 replies; 3+ messages in thread
From: Adrian Hunter @ 2017-12-08 12:02 UTC (permalink / raw)
To: Dan Carpenter, Ulf Hansson
Cc: Linus Walleij, Shawn Lin, linux-mmc, kernel-janitors
On 08/12/17 13:55, Dan Carpenter wrote:
> mmc_blk_alloc_req() is supposed to return error pointers but there is
> one path where we forget to set the error code and accidentally return
> NULL. The callers are not expecting that and will have a NULL pointer
> dereference.
>
> Fixes: 23da8bed11f2 ("mmc: block: Simplify cleaning up the queue")
> Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Adrian Hunter <adrian.hunter@intel.com>
>
> diff --git a/drivers/mmc/core/block.c b/drivers/mmc/core/block.c
> index ab384ba6cb37..6af2b660b1f7 100644
> --- a/drivers/mmc/core/block.c
> +++ b/drivers/mmc/core/block.c
> @@ -3037,6 +3037,7 @@ static struct mmc_blk_data *mmc_blk_alloc_req(struct mmc_card *card,
> */
> if (!blk_get_queue(md->queue.queue)) {
> mmc_cleanup_queue(&md->queue);
> + ret = -ENODEV;
> goto err_putdisk;
> }
>
>
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] mmc: block: blk-mq: Potential NULL deref on mmc_blk_alloc_req() failure
2017-12-08 11:55 [PATCH] mmc: block: blk-mq: Potential NULL deref on mmc_blk_alloc_req() failure Dan Carpenter
2017-12-08 12:02 ` Adrian Hunter
@ 2017-12-11 12:29 ` Ulf Hansson
1 sibling, 0 replies; 3+ messages in thread
From: Ulf Hansson @ 2017-12-11 12:29 UTC (permalink / raw)
To: Dan Carpenter
Cc: Adrian Hunter, Linus Walleij, Shawn Lin,
linux-mmc@vger.kernel.org, kernel-janitors
On 8 December 2017 at 12:55, Dan Carpenter <dan.carpenter@oracle.com> wrote:
> mmc_blk_alloc_req() is supposed to return error pointers but there is
> one path where we forget to set the error code and accidentally return
> NULL. The callers are not expecting that and will have a NULL pointer
> dereference.
>
> Fixes: 23da8bed11f2 ("mmc: block: Simplify cleaning up the queue")
> Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Thanks, applied for next!
Kind regards
Uffe
>
> diff --git a/drivers/mmc/core/block.c b/drivers/mmc/core/block.c
> index ab384ba6cb37..6af2b660b1f7 100644
> --- a/drivers/mmc/core/block.c
> +++ b/drivers/mmc/core/block.c
> @@ -3037,6 +3037,7 @@ static struct mmc_blk_data *mmc_blk_alloc_req(struct mmc_card *card,
> */
> if (!blk_get_queue(md->queue.queue)) {
> mmc_cleanup_queue(&md->queue);
> + ret = -ENODEV;
> goto err_putdisk;
> }
>
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2017-12-11 12:29 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-12-08 11:55 [PATCH] mmc: block: blk-mq: Potential NULL deref on mmc_blk_alloc_req() failure Dan Carpenter
2017-12-08 12:02 ` Adrian Hunter
2017-12-11 12:29 ` Ulf Hansson
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox