[PATCH v2 1/1] qla2xxx: Fix Null ptr dereference in fail path in queue create code
From: Jiri Slaby
Date: Mon Sep 28 2009 - 04:19:46 EST
From: Anirban Chakraborty <anirban.chakraborty@xxxxxxxxxx>
Current code jumps to fail path in queue create functions and there it invokes
the queue free call with a (NULL) pointer to the queue which could not be
allocated. Fix it by returning ENOMEM directly without invoking the queue free
call.
[v2] use return 0 instead of return ENOMEM. Callers expect that.
Signed-off-by Jiri Slaby <jirislaby@xxxxxxxxx>
Signed-off-by: Anirban Chakraborty <anirban.chakraborty@xxxxxxxxxx>
---
drivers/scsi/qla2xxx/qla_mid.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/scsi/qla2xxx/qla_mid.c b/drivers/scsi/qla2xxx/qla_mid.c
index 42b799a..005050e 100644
--- a/drivers/scsi/qla2xxx/qla_mid.c
+++ b/drivers/scsi/qla2xxx/qla_mid.c
@@ -568,7 +568,7 @@ qla25xx_create_req_que(struct qla_hw_data *ha, uint16_t options,
if (req == NULL) {
qla_printk(KERN_WARNING, ha, "could not allocate memory"
"for request que\n");
- goto que_failed;
+ return 0;
}
req->length = REQUEST_ENTRY_CNT_24XX;
@@ -659,7 +659,7 @@ qla25xx_create_rsp_que(struct qla_hw_data *ha, uint16_t options,
if (rsp == NULL) {
qla_printk(KERN_WARNING, ha, "could not allocate memory for"
" response que\n");
- goto que_failed;
+ return 0;
}
rsp->length = RESPONSE_ENTRY_CNT_MQ;
--
1.6.4.2
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/