diff mbox

qedr: return -EINVAL if pd is null and avoid null ptr dereference

Message ID 20161018183928.8539-1-colin.king@canonical.com (mailing list archive)
State Accepted
Headers show

Commit Message

Colin King Oct. 18, 2016, 6:39 p.m. UTC 
From: Colin Ian King <colin.king@canonical.com>

Currently, if pd is null then we hit a null pointer derference
on accessing pd->pd_id.  Instead of just printing an error message
we should also return -EINVAL immediately.

Signed-off-by: Colin Ian King <colin.king@canonical.com>
---
 drivers/infiniband/hw/qedr/verbs.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

Comments

Amrani, Ram Oct. 20, 2016, 7:12 a.m. UTC | #1 
PiAgZHJpdmVycy9pbmZpbmliYW5kL2h3L3FlZHIvdmVyYnMuYyB8IDQgKysrLQ0KPiAgMSBmaWxl
IGNoYW5nZWQsIDMgaW5zZXJ0aW9ucygrKSwgMSBkZWxldGlvbigtKQ0KPiANCj4gZGlmZiAtLWdp
dCBhL2RyaXZlcnMvaW5maW5pYmFuZC9ody9xZWRyL3ZlcmJzLmMNCj4gYi9kcml2ZXJzL2luZmlu
aWJhbmQvaHcvcWVkci92ZXJicy5jDQo+IGluZGV4IGE2MTUxNDIuLmIyYTBlYjggMTAwNjQ0DQo+
IC0tLSBhL2RyaXZlcnMvaW5maW5pYmFuZC9ody9xZWRyL3ZlcmJzLmMNCj4gKysrIGIvZHJpdmVy
cy9pbmZpbmliYW5kL2h3L3FlZHIvdmVyYnMuYw0KPiBAQCAtNTExLDggKzUxMSwxMCBAQCBpbnQg
cWVkcl9kZWFsbG9jX3BkKHN0cnVjdCBpYl9wZCAqaWJwZCkNCj4gIAlzdHJ1Y3QgcWVkcl9kZXYg
KmRldiA9IGdldF9xZWRyX2RldihpYnBkLT5kZXZpY2UpOw0KPiAgCXN0cnVjdCBxZWRyX3BkICpw
ZCA9IGdldF9xZWRyX3BkKGlicGQpOw0KPiANCj4gLQlpZiAoIXBkKQ0KPiArCWlmICghcGQpIHsN
Cj4gIAkJcHJfZXJyKCJJbnZhbGlkIFBEIHJlY2VpdmVkIGluIGRlYWxsb2NfcGRcbiIpOw0KPiAr
CQlyZXR1cm4gLUVJTlZBTDsNCj4gKwl9DQo+IA0KPiAgCURQX0RFQlVHKGRldiwgUUVEUl9NU0df
SU5JVCwgIkRlYWxsb2NhdGluZyBQRCAlZFxuIiwgcGQtPnBkX2lkKTsNCj4gIAlkZXYtPm9wcy0+
cmRtYV9kZWFsbG9jX3BkKGRldi0+cmRtYV9jdHgsIHBkLT5wZF9pZCk7DQo+IC0tDQo+IDIuOS4z
DQoNClRoYW5rcyBDb2xpbi4NCg0KQWNrZWQtYnk6IFJhbSBBbXJhbmkgPHJhbS5hbXJhbmlAY2F2
aXVtLmNvbT4NCg0K
--
To unsubscribe from this list: send the line "unsubscribe linux-rdma" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Doug Ledford Dec. 14, 2016, 4:25 p.m. UTC | #2 
On 10/18/2016 2:39 PM, Colin King wrote:
> From: Colin Ian King <colin.king@canonical.com>
> 
> Currently, if pd is null then we hit a null pointer derference
> on accessing pd->pd_id.  Instead of just printing an error message
> we should also return -EINVAL immediately.
> 
> Signed-off-by: Colin Ian King <colin.king@canonical.com>

Applied, thanks.
diff mbox

Patch

diff --git a/drivers/infiniband/hw/qedr/verbs.c b/drivers/infiniband/hw/qedr/verbs.c
index a615142..b2a0eb8 100644
--- a/drivers/infiniband/hw/qedr/verbs.c
+++ b/drivers/infiniband/hw/qedr/verbs.c
@@ -511,8 +511,10 @@  int qedr_dealloc_pd(struct ib_pd *ibpd)
 	struct qedr_dev *dev = get_qedr_dev(ibpd->device);
 	struct qedr_pd *pd = get_qedr_pd(ibpd);
 
-	if (!pd)
+	if (!pd) {
 		pr_err("Invalid PD received in dealloc_pd\n");
+		return -EINVAL;
+	}
 
 	DP_DEBUG(dev, QEDR_MSG_INIT, "Deallocating PD %d\n", pd->pd_id);
 	dev->ops->rdma_dealloc_pd(dev->rdma_ctx, pd->pd_id);