[Linux-cluster] 2.6.15-rc5-mm3 dlm: missing NULL pointer checks

[Stefan Richter]

Hi all,

while browsing http://sosdg.org/~coywolf/lxr/ for a completely unrelated 
matter, I found these two potential NULL pointer dereferences in 
drivers/dlm/device.c. In do_user_lock():

> 803                 if (!li && DLM_LKF_PERSISTENT) {
> 804                         li = allocate_lockinfo(fi, cmd, kparams);
> 805 
> 806                         li->li_lksb.sb_lkid = kparams->lkid;
> 807                         li->li_castaddr  = kparams->castaddr;
> 808                         li->li_castparam = kparams->castparam;
> 809 
> 810                         /* OK, this isn;t exactly a FIRSTLOCK but it is the
> 811                            first time we've used this lockinfo, and if things
> 812                            fail we want rid of it */
> 813                         init_MUTEX_LOCKED(&li->li_firstlock);
> 814                         set_bit(LI_FLAG_FIRSTLOCK, &li->li_flags);
> 815                         add_lockinfo(li);
> 816 
> 817                         /* TODO: do a query to get the current state ?? */
> 818                 }
> 819                 if (!li)
> 820                         return -EINVAL;

Lines 806...815 need to be enclosed by if (li) {...}, or line 803 should 
be replaced by
	if (!li && DLM_LKF_PERSISTENT &&
	    (li = allocate_lockinfo(fi, cmd, kparams)) {

In do_user_unlock():

> 915         if (!li) {
> 916                 li = allocate_lockinfo(fi, cmd, kparams);
> 917                 spin_lock(&fi->fi_li_lock);
> 918                 list_add(&li->li_ownerqueue, &fi->fi_li_list);
> 919                 spin_unlock(&fi->fi_li_lock);
> 920         }
> 921         if (!li)
> 922                 return -ENOMEM;

Same as above, or lines 921 and 922 should be moved up between 916 and 917.

(Sorry, no patch, I'm too lazy to fetch -mm...)
-- 
Stefan Richter
-=====-=-=-= ==-- =--=-
http://arcgraph.de/sr/