Commit 17c5f65d authored by Bart Van Assche's avatar Bart Van Assche Committed by Martin K. Petersen

scsi: qla2xxx: Fix a NULL pointer dereference in an error path

This patch fixes the following Coverity complaint:

FORWARD_NULL

qla_init.c: 5275 in qla2x00_configure_local_loop()
5269
5270     		if (fcport->scan_state == QLA_FCPORT_FOUND)
5271     			qla24xx_fcport_handle_login(vha, fcport);
5272     	}
5273
5274     cleanup_allocation:
>>>     CID 353340:    (FORWARD_NULL)
>>>     Passing null pointer "new_fcport" to "qla2x00_free_fcport", which dereferences it.
5275     	qla2x00_free_fcport(new_fcport);
5276
5277     	if (rval != QLA_SUCCESS) {
5278     		ql_dbg(ql_dbg_disc, vha, 0x2098,
5279     		    "Configure local loop error exit: rval=%x.\n", rval);
5280     	}
qla_init.c: 5275 in qla2x00_configure_local_loop()
5269
5270     		if (fcport->scan_state == QLA_FCPORT_FOUND)
5271     			qla24xx_fcport_handle_login(vha, fcport);
5272     	}
5273
5274     cleanup_allocation:
>>>     CID 353340:    (FORWARD_NULL)
>>>     Passing null pointer "new_fcport" to "qla2x00_free_fcport", which dereferences it.
5275     	qla2x00_free_fcport(new_fcport);
5276
5277     	if (rval != QLA_SUCCESS) {
5278     		ql_dbg(ql_dbg_disc, vha, 0x2098,
5279     		    "Configure local loop error exit: rval=%x.\n", rval);
5280     	}

Fixes: 3dae2205 ("scsi: qla2xxx: Use common routine to free fcport struct")
Cc: Himanshu Madhani <hmadhani@marvell.com>
Cc: Quinn Tran <qutran@marvell.com>
Cc: Martin Wilck <mwilck@suse.com>
Cc: Daniel Wagner <dwagner@suse.de>
Cc: Roman Bolshakov <r.bolshakov@yadro.com>
Link: https://lore.kernel.org/r/20200118042056.32232-1-bvanassche@acm.orgSigned-off-by: default avatarBart Van Assche <bvanassche@acm.org>
Reviewed-by: default avatarEwan D. Milne <emilne@redhat.com>
Reviewed-by: default avatarDaniel Wagner <dwagner@suse.de>
Signed-off-by: default avatarMartin K. Petersen <martin.petersen@oracle.com>
parent 6ca67a8e
......@@ -5108,7 +5108,7 @@ qla2x00_configure_local_loop(scsi_qla_host_t *vha)
rval = qla2x00_get_id_list(vha, ha->gid_list, ha->gid_list_dma,
&entries);
if (rval != QLA_SUCCESS)
goto cleanup_allocation;
goto err;
ql_dbg(ql_dbg_disc, vha, 0x2011,
"Entries in ID list (%d).\n", entries);
......@@ -5138,7 +5138,7 @@ qla2x00_configure_local_loop(scsi_qla_host_t *vha)
ql_log(ql_log_warn, vha, 0x2012,
"Memory allocation failed for fcport.\n");
rval = QLA_MEMORY_ALLOC_FAILED;
goto cleanup_allocation;
goto err;
}
new_fcport->flags &= ~FCF_FABRIC_DEVICE;
......@@ -5228,7 +5228,7 @@ qla2x00_configure_local_loop(scsi_qla_host_t *vha)
ql_log(ql_log_warn, vha, 0xd031,
"Failed to allocate memory for fcport.\n");
rval = QLA_MEMORY_ALLOC_FAILED;
goto cleanup_allocation;
goto err;
}
spin_lock_irqsave(&vha->hw->tgt.sess_lock, flags);
new_fcport->flags &= ~FCF_FABRIC_DEVICE;
......@@ -5271,15 +5271,14 @@ qla2x00_configure_local_loop(scsi_qla_host_t *vha)
qla24xx_fcport_handle_login(vha, fcport);
}
cleanup_allocation:
qla2x00_free_fcport(new_fcport);
if (rval != QLA_SUCCESS) {
ql_dbg(ql_dbg_disc, vha, 0x2098,
"Configure local loop error exit: rval=%x.\n", rval);
}
return rval;
return (rval);
err:
ql_dbg(ql_dbg_disc, vha, 0x2098,
"Configure local loop error exit: rval=%x.\n", rval);
return rval;
}
static void
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment