Re: [PATCH] scsi: virtio_scsi: Fix a NULL pointer dereference in virtscsi_rescan_hotunplug()

From: Paolo Bonzini
Date: Tue Nov 30 2021 - 12:36:12 EST


On 11/30/21 18:19, Zhou Qingyang wrote:
--- a/drivers/scsi/virtio_scsi.c
+++ b/drivers/scsi/virtio_scsi.c
@@ -337,7 +337,11 @@ static void virtscsi_rescan_hotunplug(struct virtio_scsi *vscsi)
unsigned char scsi_cmd[MAX_COMMAND_SIZE];
int result, inquiry_len, inq_result_len = 256;
char *inq_result = kmalloc(inq_result_len, GFP_KERNEL);
-
+ if (!inq_result) {
+ pr_err("%s:no enough memory for inq_result\n",
+ __func__);
+ return;
+ }
shost_for_each_device(sdev, shost) {
inquiry_len = sdev->inquiry_len ? sdev->inquiry_len : 36;
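
Review bot: the pr_err() in the new "if (!inq_result)" branch is redundant, because a failed kmalloc() with GFP_KERNEL and no __GFP_NOWARN already makes the allocator log a warning with a stack trace, and checkpatch flags such out-of-memory messages as unnecessary. I would reduce the branch to "if (!inq_result) return;". The hunk also replaces the blank line that separated the declarations from the first statement; keep that blank line and put the check after it, with another blank line before shost_for_each_device(). Since the function is declared static void, the early return silently skips the whole hot-unplug rescan, so the commit message should say that this is the intended behaviour on allocation failure.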

In practice this will never happen, since the kmalloc is very small, so I think it's easier to just return early without a printk. On the other hand, if the out-of-memory really could happen, this should be a pr_err_ratelimited.

Paolo