
[Linux-cluster] 2.6.15-rc5-mm3 dlm: missing NULL pointer checks



Hi all,

while browsing http://sosdg.org/~coywolf/lxr/ for a completely unrelated matter, I found these two potential NULL pointer dereferences in drivers/dlm/device.c. In do_user_lock():

803                 if (!li && DLM_LKF_PERSISTENT) {
804                         li = allocate_lockinfo(fi, cmd, kparams);
805
806                         li->li_lksb.sb_lkid = kparams->lkid;
807                         li->li_castaddr  = kparams->castaddr;
808                         li->li_castparam = kparams->castparam;
809
810                         /* OK, this isn;t exactly a FIRSTLOCK but it is the
811                            first time we've used this lockinfo, and if things
812                            fail we want rid of it */
813                         init_MUTEX_LOCKED(&li->li_firstlock);
814                         set_bit(LI_FLAG_FIRSTLOCK, &li->li_flags);
815                         add_lockinfo(li);
816
817                         /* TODO: do a query to get the current state ?? */
818                 }
819                 if (!li)
820                         return -EINVAL;

Lines 806...815 need to be enclosed by if (li) {...}, or line 803 should be replaced by
	if (!li && DLM_LKF_PERSISTENT &&
	    (li = allocate_lockinfo(fi, cmd, kparams))) {

In do_user_unlock():

915         if (!li) {
916                 li = allocate_lockinfo(fi, cmd, kparams);
917                 spin_lock(&fi->fi_li_lock);
918                 list_add(&li->li_ownerqueue, &fi->fi_li_list);
919                 spin_unlock(&fi->fi_li_lock);
920         }
921         if (!li)
922                 return -ENOMEM;

Same as above, or lines 921 and 922 should be moved up between 916 and 917.

(Sorry, no patch, I'm too lazy to fetch -mm...)
--
Stefan Richter
-=====-=-=-= ==-- =--=-
http://arcgraph.de/sr/
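
Added example, not part of the original message and not the driver's code: a user-space model of the do_user_unlock() ordering the message proposes, with the NULL check placed directly after the allocation. The simplified structures, the two-argument allocate_lockinfo(), the fail_alloc knob and list_len() are assumptions made for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical user-space stand-ins for the driver's structures. */
struct lock_info { struct lock_info *next; int lkid; };
struct file_info { struct lock_info *li_list; };

static int fail_alloc; /* set to 1 to simulate an out-of-memory condition */

static struct lock_info *allocate_lockinfo(struct file_info *fi, int lkid)
{
    struct lock_info *li = fail_alloc ? NULL : calloc(1, sizeof(*li));

    (void)fi;
    if (li)
        li->lkid = lkid;
    return li;
}

/* Shape of do_user_unlock() with the check moved up: test the result of
 * the allocation before the first dereference (locking omitted here). */
static int user_unlock_checked(struct file_info *fi, struct lock_info *li, int lkid)
{
    if (!li) {
        li = allocate_lockinfo(fi, lkid);
        if (!li)
            return -ENOMEM;     /* nothing linked yet, nothing to undo */
        li->next = fi->li_list; /* safe: li is non-NULL here */
        fi->li_list = li;
    }
    return 0;
}

static size_t list_len(const struct file_info *fi)
{
    size_t n = 0;
    for (const struct lock_info *li = fi->li_list; li; li = li->next)
        n++;
    return n;
}

int main(void)
{
    struct file_info fi = { NULL };
    int rc;

    fail_alloc = 1;
    rc = user_unlock_checked(&fi, NULL, 7);
    printf("failed alloc: rc=%d, list length %zu\n", rc, list_len(&fi));
    fail_alloc = 0;
    rc = user_unlock_checked(&fi, NULL, 7);
    printf("good alloc:   rc=%d, list length %zu\n", rc, list_len(&fi));
    return 0;
}
```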

