Eric Lee / smarc-ti-linux-kernel

Download as
Browse Code ยป

Commit cced5041ed5a2d1352186510944b0ddfbdbe4c0b

Authored by Stratos Psomadakis
Committed by James Bottomley
1 parent 9fc397fc08
Exists in master and in 20 other branches dlt-processor-sdk-linux-03.00.00.04, newt-ti-linux-3.12.y, processor-sdk-linux-01.00.00, processor-sdk-linux-02.00.01, smarc-ti-linux-3.12.10, smarc-ti-linux-3.12.y, smarc-ti-linux-3.14.y, smarc-ti-linux-3.15.y, smarc-ti-lsk-linux-4.1.y, smarct3x-processor-sdk-04.01.00.06, smarct3x-processor-sdk-linux-02.00.01, smarct3x-processor-sdk-linux-03.00.00.04, smarct4x-800-processor-sdk-linux-02.00.01, smarct4x-processor-sdk-04.01.00.06, smarct4x-processor-sdk-linux-02.00.01, smarct4x-processor-sdk-linux-03.00.00.04, ti-linux-3.12.y, ti-linux-3.14.y, ti-linux-3.15.y, ti-lsk-linux-4.1.y

[SCSI] sym53c8xx: Fix NULL pointer dereference in slave_destroy 

sym53c8xx_slave_destroy unconditionally assumes that sym53c8xx_slave_alloc has
succesesfully allocated a sym_lcb. This can lead to a NULL pointer dereference
(exposed by commit 4e6c82b).

Signed-off-by: Stratos Psomadakis <psomas@gentoo.org>
Cc: stable@vger.kernel.org
Signed-off-by: James Bottomley <JBottomley@Parallels.com>

Showing 1 changed file with 4 additions and 0 deletions Side-by-side Diff

drivers/scsi/sym53c8xx_2/sym_glue.c
Diff comments   View file @ cced504
... ... @@ -839,6 +839,10 @@
839 839 struct sym_lcb *lp = sym_lp(tp, sdev->lun);
840 840 unsigned long flags;
841 841  
  842 + /* if slave_alloc returned before allocating a sym_lcb, return */
  843 + if (!lp)
  844 + return;
  845 +
842 846 spin_lock_irqsave(np->s.host->host_lock, flags);
843 847  
844 848 if (lp->busy_itlq || lp->busy_itl) {