[PATCH 10/47] staging/lustre/gss: fix few issues found by Klocwork Insight tool

From: Oleg Drokin
Date: Sun Apr 27 2014 - 13:23:38 EST

Next message: Oleg Drokin: "[PATCH 11/47] staging/lustre/ptlrpc: add rpc_cache"
Previous message: Oleg Drokin: "[PATCH 09/47] staging/lustre/ptlrpc: don't try to recover no_recov connection"
In reply to: Oleg Drokin: "[PATCH 09/47] staging/lustre/ptlrpc: don't try to recover no_recov connection"
Next in thread: Oleg Drokin: "[PATCH 11/47] staging/lustre/ptlrpc: add rpc_cache"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Dmitry Eremin <dmitry.eremin@xxxxxxxxx>

Array 'message_buf' of size 500 may use index value(s) -1

Object 'enc_key.data' was freed at line 164 after being freed
by calling 'free' at line 150. Also there are 3 similar errors
on line(s) 164.

Suspicious dereference of pointer 'vmsg' before NULL check at
line 187. Also there are 2 similar errors on line(s) 196, 205.

Suspicious dereference of pointer 'rmsg' before NULL check at
line 191. Also there are 2 similar errors on line(s) 200, 209.

Signed-off-by: Dmitry Eremin <dmitry.eremin@xxxxxxxxx>
Reviewed-on: http://review.whamcloud.com/9274
Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-4629
Reviewed-by: John L. Hammond <john.hammond@xxxxxxxxx>
Reviewed-by: James Simmons <uja.ornl@xxxxxxxxx>
Signed-off-by: Oleg Drokin <oleg.drokin@xxxxxxxxx>
---
drivers/staging/lustre/lustre/ptlrpc/gss/gss_bulk.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/drivers/staging/lustre/lustre/ptlrpc/gss/gss_bulk.c b/drivers/staging/lustre/lustre/ptlrpc/gss/gss_bulk.c
index 7852bf3..93794bd 100644
--- a/drivers/staging/lustre/lustre/ptlrpc/gss/gss_bulk.c
+++ b/drivers/staging/lustre/lustre/ptlrpc/gss/gss_bulk.c
@@ -176,31 +176,31 @@ int gss_cli_ctx_unwrap_bulk(struct ptlrpc_cli_ctx *ctx,
switch (SPTLRPC_FLVR_SVC(req->rq_flvr.sf_rpc)) {
case SPTLRPC_SVC_NULL:
vmsg = req->rq_repdata;
+ LASSERT(vmsg != NULL && vmsg->lm_bufcount >= 3);
voff = vmsg->lm_bufcount - 1;
- LASSERT(vmsg && vmsg->lm_bufcount >= 3);

rmsg = req->rq_reqbuf;
+ LASSERT(rmsg != NULL && rmsg->lm_bufcount >= 3);
roff = rmsg->lm_bufcount - 1; /* last segment */
- LASSERT(rmsg && rmsg->lm_bufcount >= 3);
break;
case SPTLRPC_SVC_AUTH:
case SPTLRPC_SVC_INTG:
vmsg = req->rq_repdata;
+ LASSERT(vmsg != NULL && vmsg->lm_bufcount >= 4);
voff = vmsg->lm_bufcount - 2;
- LASSERT(vmsg && vmsg->lm_bufcount >= 4);

rmsg = req->rq_reqbuf;
+ LASSERT(rmsg != NULL && rmsg->lm_bufcount >= 4);
roff = rmsg->lm_bufcount - 2; /* second last segment */
- LASSERT(rmsg && rmsg->lm_bufcount >= 4);
break;
case SPTLRPC_SVC_PRIV:
vmsg = req->rq_repdata;
+ LASSERT(vmsg != NULL && vmsg->lm_bufcount >= 2);
voff = vmsg->lm_bufcount - 1;
- LASSERT(vmsg && vmsg->lm_bufcount >= 2);

rmsg = req->rq_clrbuf;
+ LASSERT(rmsg != NULL && rmsg->lm_bufcount >= 2);
roff = rmsg->lm_bufcount - 1; /* last segment */
- LASSERT(rmsg && rmsg->lm_bufcount >= 2);
break;
default:
LBUG();
--
1.8.5.3

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Oleg Drokin: "[PATCH 11/47] staging/lustre/ptlrpc: add rpc_cache"
Previous message: Oleg Drokin: "[PATCH 09/47] staging/lustre/ptlrpc: don't try to recover no_recov connection"
In reply to: Oleg Drokin: "[PATCH 09/47] staging/lustre/ptlrpc: don't try to recover no_recov connection"
Next in thread: Oleg Drokin: "[PATCH 11/47] staging/lustre/ptlrpc: add rpc_cache"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]