[Linux-cluster] 2.6.15-rc5-mm3 dlm: missing NULL pointer checks
Stefan Richter
stefanr at s5r6.in-berlin.de
Sun Dec 18 10:07:45 UTC 2005
Hi all,
while browsing http://sosdg.org/~coywolf/lxr/ for a completely unrelated
matter, I found these two potential NULL pointer dereferences in
drivers/dlm/device.c. In do_user_lock():
> 803 if (!li && DLM_LKF_PERSISTENT) {
> 804 li = allocate_lockinfo(fi, cmd, kparams);
> 805
> 806 li->li_lksb.sb_lkid = kparams->lkid;
> 807 li->li_castaddr = kparams->castaddr;
> 808 li->li_castparam = kparams->castparam;
> 809
> 810 /* OK, this isn;t exactly a FIRSTLOCK but it is the
> 811 first time we've used this lockinfo, and if things
> 812 fail we want rid of it */
> 813 init_MUTEX_LOCKED(&li->li_firstlock);
> 814 set_bit(LI_FLAG_FIRSTLOCK, &li->li_flags);
> 815 add_lockinfo(li);
> 816
> 817 /* TODO: do a query to get the current state ?? */
> 818 }
> 819 if (!li)
> 820 return -EINVAL;
Lines 806...815 need to be enclosed by if (li) {...}, or line 803 should
be replaced by
if (!li && DLM_LKF_PERSISTENT &&
    (li = allocate_lockinfo(fi, cmd, kparams))) {
In do_user_unlock():
> 915 if (!li) {
> 916 li = allocate_lockinfo(fi, cmd, kparams);
> 917 spin_lock(&fi->fi_li_lock);
> 918 list_add(&li->li_ownerqueue, &fi->fi_li_list);
> 919 spin_unlock(&fi->fi_li_lock);
> 920 }
> 921 if (!li)
> 922 return -ENOMEM;
Same as above, or lines 921 and 922 should be moved up between 916 and 917.
(Sorry, no patch, I'm too lazy to fetch -mm...)
--
Stefan Richter
-=====-=-=-= ==-- =--=-
http://arcgraph.de/sr/
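As an added example (not DLM's code and not part of the mail above): a small user-space C model of the two allocation sites with the NULL checks placed as the mail suggests, driven by an allocator that can be made to fail so both error paths are actually exercised. The structures, the singly linked owner queue, the one-argument add_lockinfo() gaining a file_info parameter, the value of DLM_LKF_PERSISTENT and the LI_FLAG_FIRSTLOCK bit are simplifications assumed for the model; the persistent flag is modelled as a bit test on kparams->flags, and the spinlock around list_add is left out because the model is single-threaded.

```c
/* Added example modelling the two sites from the mail; names mirror the
 * quoted kernel code but the structures are reduced and assumed. */
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

#define DLM_LKF_PERSISTENT 0x00000080 /* assumed value; only the bit is tested */
#define LI_FLAG_FIRSTLOCK  0          /* assumed bit index */

/* A singly linked queue stands in for list_head li_ownerqueue / fi_li_list. */
struct lockinfo { unsigned long li_flags; unsigned int sb_lkid;
                  void *li_castaddr, *li_castparam; struct lockinfo *li_next; };
struct file_info { struct lockinfo *fi_li_list; };
struct lock_params { unsigned int flags, lkid; void *castaddr, *castparam; };

/* Fault injection: nonzero makes allocate_lockinfo() fail the way kmalloc
 * does under memory pressure, which is exactly the path the mail is about. */
static int fail_allocations;

static struct lockinfo *allocate_lockinfo(struct file_info *fi, int cmd,
                                          struct lock_params *kparams)
{
    (void)fi; (void)cmd; (void)kparams;
    return fail_allocations ? NULL : calloc(1, sizeof(struct lockinfo));
}

static void add_lockinfo(struct file_info *fi, struct lockinfo *li)
{
    li->li_next = fi->fi_li_list;
    fi->fi_li_list = li;
}

/* do_user_lock() with the mail's second suggestion: the allocation result is
 * tested inside the same condition, so the field writes and add_lockinfo()
 * only ever run on a non-NULL pointer. */
static int do_user_lock_checked(struct file_info *fi, int cmd,
                                struct lock_params *kparams,
                                struct lockinfo *li) /* lookup result or NULL */
{
    if (!li && (kparams->flags & DLM_LKF_PERSISTENT) &&
        (li = allocate_lockinfo(fi, cmd, kparams))) {
        li->sb_lkid      = kparams->lkid;
        li->li_castaddr  = kparams->castaddr;
        li->li_castparam = kparams->castparam;
        li->li_flags    |= 1UL << LI_FLAG_FIRSTLOCK;
        add_lockinfo(fi, li);
    }
    if (!li)
        return -EINVAL;
    return 0;
}

/* do_user_unlock() with the check moved up as the mail suggests: a NULL
 * pointer is rejected before it can be linked into fi_li_list, where it would
 * be dereferenced later by whatever walks the queue. */
static int do_user_unlock_checked(struct file_info *fi, int cmd,
                                  struct lock_params *kparams,
                                  struct lockinfo *li)
{
    if (!li) {
        li = allocate_lockinfo(fi, cmd, kparams);
        if (!li)
            return -ENOMEM;
        add_lockinfo(fi, li);
    }
    return 0;
}

static int queue_len(const struct file_info *fi)
{
    int n = 0;
    for (const struct lockinfo *p = fi->fi_li_list; p; p = p->li_next)
        n++;
    return n;
}

static void free_queue(struct file_info *fi)
{
    while (fi->fi_li_list) {
        struct lockinfo *next = fi->fi_li_list->li_next;
        free(fi->fi_li_list);
        fi->fi_li_list = next;
    }
}

/* Scenario drivers: fresh file_info, lookup found nothing (li == NULL).
 * Each returns the call's status and records the owner queue length in
 * last_queue_len, which must be 0 on every failure path. */
static int last_queue_len;

static int lock_scenario(int inject_failure, unsigned int flags)
{
    struct file_info fi = { NULL };
    struct lock_params kp = { flags, 0x1234, NULL, NULL }; /* constructed input */
    fail_allocations = inject_failure;
    int rc = do_user_lock_checked(&fi, 0, &kp, NULL);
    fail_allocations = 0;
    last_queue_len = queue_len(&fi);
    free_queue(&fi);
    return rc;
}

static int unlock_scenario(int inject_failure)
{
    struct file_info fi = { NULL };
    struct lock_params kp = { 0, 0x1234, NULL, NULL }; /* constructed input */
    fail_allocations = inject_failure;
    int rc = do_user_unlock_checked(&fi, 0, &kp, NULL);
    fail_allocations = 0;
    last_queue_len = queue_len(&fi);
    free_queue(&fi);
    return rc;
}

int main(void)
{
    int rc = lock_scenario(1, DLM_LKF_PERSISTENT);
    printf("lock, alloc fails:   rc=%d queued=%d\n", rc, last_queue_len);
    rc = unlock_scenario(1);
    printf("unlock, alloc fails: rc=%d queued=%d\n", rc, last_queue_len);
    return 0;
}
```

With failure injected, the lock path returns -EINVAL and the unlock path -ENOMEM, and in both cases the owner queue stays empty; in the quoted kernel code the same situation writes through a NULL pointer in do_user_lock() and links a NULL into fi_li_list in do_user_unlock(). The persistent-flag test is the model's own choice and is not what line 803 of the quoted code does.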