diff options
author | Boaz Harrosh <bharrosh@panasas.com> | 2009-02-08 11:02:22 -0500 |
---|---|---|
committer | James Bottomley <James.Bottomley@HansenPartnership.com> | 2009-03-12 13:58:13 -0400 |
commit | 97218a1499391b174ea95e05b7a40fbb73e79813 (patch) | |
tree | 60b8cf81afce2f45300990c50a866205153dbdf7 /drivers/scsi/osd/osd_initiator.c | |
parent | c96952ed7031e7c576ecf90cf95b8ec099d5295a (diff) |
[SCSI] libosd: Fix NULL dereference BUG when target is not OSD conformant
Very old OSC's Target had a BUG in the Get/Set attributes where
it was looking in the wrong places for attribute lists length.
If used with the open-osd initiator, the initiator would dereference
a NULL pointer when retrieving system_information attributes.
Checks are added that retrieval of each attribute is successful
before accessing its value.
Signed-off-by: Boaz Harrosh <bharrosh@panasas.com>
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Diffstat (limited to 'drivers/scsi/osd/osd_initiator.c')
-rw-r--r-- | drivers/scsi/osd/osd_initiator.c | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/drivers/scsi/osd/osd_initiator.c b/drivers/scsi/osd/osd_initiator.c index 0bbbf271fbb..552f58b655d 100644 --- a/drivers/scsi/osd/osd_initiator.c +++ b/drivers/scsi/osd/osd_initiator.c | |||
@@ -131,7 +131,7 @@ static int _osd_print_system_info(struct osd_dev *od, void *caps) | |||
131 | 131 | ||
132 | pFirst = get_attrs[a++].val_ptr; | 132 | pFirst = get_attrs[a++].val_ptr; |
133 | OSD_INFO("OSD_ATTR_RI_PRODUCT_REVISION_LEVEL [%u]\n", | 133 | OSD_INFO("OSD_ATTR_RI_PRODUCT_REVISION_LEVEL [%u]\n", |
134 | get_unaligned_be32(pFirst)); | 134 | pFirst ? get_unaligned_be32(pFirst) : ~0U); |
135 | 135 | ||
136 | pFirst = get_attrs[a++].val_ptr; | 136 | pFirst = get_attrs[a++].val_ptr; |
137 | OSD_INFO("OSD_ATTR_RI_PRODUCT_SERIAL_NUMBER [%s]\n", | 137 | OSD_INFO("OSD_ATTR_RI_PRODUCT_SERIAL_NUMBER [%s]\n", |
@@ -143,15 +143,18 @@ static int _osd_print_system_info(struct osd_dev *od, void *caps) | |||
143 | 143 | ||
144 | pFirst = get_attrs[a++].val_ptr; | 144 | pFirst = get_attrs[a++].val_ptr; |
145 | OSD_INFO("OSD_ATTR_RI_TOTAL_CAPACITY [0x%llx]\n", | 145 | OSD_INFO("OSD_ATTR_RI_TOTAL_CAPACITY [0x%llx]\n", |
146 | _LLU(get_unaligned_be64(pFirst))); | 146 | pFirst ? _LLU(get_unaligned_be64(pFirst)) : ~0ULL); |
147 | 147 | ||
148 | pFirst = get_attrs[a++].val_ptr; | 148 | pFirst = get_attrs[a++].val_ptr; |
149 | OSD_INFO("OSD_ATTR_RI_USED_CAPACITY [0x%llx]\n", | 149 | OSD_INFO("OSD_ATTR_RI_USED_CAPACITY [0x%llx]\n", |
150 | _LLU(get_unaligned_be64(pFirst))); | 150 | pFirst ? _LLU(get_unaligned_be64(pFirst)) : ~0ULL); |
151 | 151 | ||
152 | pFirst = get_attrs[a++].val_ptr; | 152 | pFirst = get_attrs[a++].val_ptr; |
153 | OSD_INFO("OSD_ATTR_RI_NUMBER_OF_PARTITIONS [%llu]\n", | 153 | OSD_INFO("OSD_ATTR_RI_NUMBER_OF_PARTITIONS [%llu]\n", |
154 | _LLU(get_unaligned_be64(pFirst))); | 154 | pFirst ? _LLU(get_unaligned_be64(pFirst)) : ~0ULL); |
155 | |||
156 | if (a >= nelem) | ||
157 | goto out; | ||
155 | 158 | ||
156 | /* FIXME: Where are the time utilities */ | 159 | /* FIXME: Where are the time utilities */ |
157 | pFirst = get_attrs[a++].val_ptr; | 160 | pFirst = get_attrs[a++].val_ptr; |