47 lines
1.5 KiB
Diff
47 lines
1.5 KiB
Diff
|
From c55b18181281b2fffadb9e0e8955d74b8b719349 Mon Sep 17 00:00:00 2001
|
||
|
|
From: Vishal Verma <vishal.l.verma@intel.com>
|
||
|
|
Date: Fri, 17 Dec 2021 19:25:11 -0700
|
||
|
|
Subject: [PATCH 061/217] libcxl: fix potential NULL dereference in
|
||
|
|
cxl_memdev_nvdimm_bridge_active()
|
||
|
|
|
||
|
|
Static analysis points out that the function above has a check for
|
||
|
|
'if (!bridge)', implying that bridge maybe NULL, but it is dereferenced
|
||
|
|
before the check, which could result in a NULL dereference.
|
||
|
|
|
||
|
|
Fix this by moving any accesses to the bridge structure after the NULL
|
||
|
|
check.
|
||
|
|
|
||
|
|
Link: https://lore.kernel.org/r/20211218022511.314928-1-vishal.l.verma@intel.com
|
||
|
|
Cc: Dan Williams <dan.j.williams@intel.com>
|
||
|
|
Reviewed-by: Dan Williams <dan.j.williams@intel.com>
|
||
|
|
Signed-off-by: Vishal Verma <vishal.l.verma@intel.com>
|
||
|
|
---
|
||
|
|
cxl/lib/libcxl.c | 7 +++++--
|
||
|
|
1 file changed, 5 insertions(+), 2 deletions(-)
|
||
|
|
|
||
|
|
diff --git a/cxl/lib/libcxl.c b/cxl/lib/libcxl.c
|
||
|
|
index f0664be..3390eb9 100644
|
||
|
|
--- a/cxl/lib/libcxl.c
|
||
|
|
+++ b/cxl/lib/libcxl.c
|
||
|
|
@@ -420,12 +420,15 @@ CXL_EXPORT int cxl_memdev_nvdimm_bridge_active(struct cxl_memdev *memdev)
|
||
|
|
{
|
||
|
|
struct cxl_ctx *ctx = cxl_memdev_get_ctx(memdev);
|
||
|
|
struct cxl_nvdimm_bridge *bridge = memdev->bridge;
|
||
|
|
- char *path = bridge->dev_buf;
|
||
|
|
- int len = bridge->buf_len;
|
||
|
|
+ char *path;
|
||
|
|
+ int len;
|
||
|
|
|
||
|
|
if (!bridge)
|
||
|
|
return 0;
|
||
|
|
|
||
|
|
+ path = bridge->dev_buf;
|
||
|
|
+ len = bridge->buf_len;
|
||
|
|
+
|
||
|
|
if (snprintf(path, len, "%s/driver", bridge->dev_path) >= len) {
|
||
|
|
err(ctx, "%s: nvdimm bridge buffer too small!\n",
|
||
|
|
cxl_memdev_get_devname(memdev));
|
||
|
|
--
|
||
|
|
2.27.0
|
||
|
|
|