aboutsummaryrefslogtreecommitdiffstats
path: root/drivers/scsi/osd/osd_initiator.c
diff options
context:
space:
mode:
authorBoaz Harrosh <bharrosh@panasas.com>2009-02-08 11:02:22 -0500
committerJames Bottomley <James.Bottomley@HansenPartnership.com>2009-03-12 13:58:13 -0400
commit97218a1499391b174ea95e05b7a40fbb73e79813 (patch)
tree60b8cf81afce2f45300990c50a866205153dbdf7 /drivers/scsi/osd/osd_initiator.c
parentc96952ed7031e7c576ecf90cf95b8ec099d5295a (diff)
[SCSI] libosd: Fix NULL dereference BUG when target is not OSD conformant
Very old OSC's Target had a BUG in the Get/Set attributes where it was looking in the wrong places for attribute lists length. If used with the open-osd initiator, the initiator would dereference a NULL pointer when retrieving system_information attributes. Checks are added that retrieval of each attribute is successful before accessing its value. Signed-off-by: Boaz Harrosh <bharrosh@panasas.com> Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Diffstat (limited to 'drivers/scsi/osd/osd_initiator.c')
-rw-r--r--drivers/scsi/osd/osd_initiator.c11
1 files changed, 7 insertions, 4 deletions
diff --git a/drivers/scsi/osd/osd_initiator.c b/drivers/scsi/osd/osd_initiator.c
index 0bbbf271fbb..552f58b655d 100644
--- a/drivers/scsi/osd/osd_initiator.c
+++ b/drivers/scsi/osd/osd_initiator.c
@@ -131,7 +131,7 @@ static int _osd_print_system_info(struct osd_dev *od, void *caps)
131 131
132 pFirst = get_attrs[a++].val_ptr; 132 pFirst = get_attrs[a++].val_ptr;
133 OSD_INFO("OSD_ATTR_RI_PRODUCT_REVISION_LEVEL [%u]\n", 133 OSD_INFO("OSD_ATTR_RI_PRODUCT_REVISION_LEVEL [%u]\n",
134 get_unaligned_be32(pFirst)); 134 pFirst ? get_unaligned_be32(pFirst) : ~0U);
135 135
136 pFirst = get_attrs[a++].val_ptr; 136 pFirst = get_attrs[a++].val_ptr;
137 OSD_INFO("OSD_ATTR_RI_PRODUCT_SERIAL_NUMBER [%s]\n", 137 OSD_INFO("OSD_ATTR_RI_PRODUCT_SERIAL_NUMBER [%s]\n",
@@ -143,15 +143,18 @@ static int _osd_print_system_info(struct osd_dev *od, void *caps)
143 143
144 pFirst = get_attrs[a++].val_ptr; 144 pFirst = get_attrs[a++].val_ptr;
145 OSD_INFO("OSD_ATTR_RI_TOTAL_CAPACITY [0x%llx]\n", 145 OSD_INFO("OSD_ATTR_RI_TOTAL_CAPACITY [0x%llx]\n",
146 _LLU(get_unaligned_be64(pFirst))); 146 pFirst ? _LLU(get_unaligned_be64(pFirst)) : ~0ULL);
147 147
148 pFirst = get_attrs[a++].val_ptr; 148 pFirst = get_attrs[a++].val_ptr;
149 OSD_INFO("OSD_ATTR_RI_USED_CAPACITY [0x%llx]\n", 149 OSD_INFO("OSD_ATTR_RI_USED_CAPACITY [0x%llx]\n",
150 _LLU(get_unaligned_be64(pFirst))); 150 pFirst ? _LLU(get_unaligned_be64(pFirst)) : ~0ULL);
151 151
152 pFirst = get_attrs[a++].val_ptr; 152 pFirst = get_attrs[a++].val_ptr;
153 OSD_INFO("OSD_ATTR_RI_NUMBER_OF_PARTITIONS [%llu]\n", 153 OSD_INFO("OSD_ATTR_RI_NUMBER_OF_PARTITIONS [%llu]\n",
154 _LLU(get_unaligned_be64(pFirst))); 154 pFirst ? _LLU(get_unaligned_be64(pFirst)) : ~0ULL);
155
156 if (a >= nelem)
157 goto out;
155 158
156 /* FIXME: Where are the time utilities */ 159 /* FIXME: Where are the time utilities */
157 pFirst = get_attrs[a++].val_ptr; 160 pFirst = get_attrs[a++].val_ptr;