[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug report] xen/scsifront: harden driver against malicious backend

Hello Juergen Gross,

This is a semi-automatic email about new static checker warnings.

The patch 6d1c2f48f3fc: "xen/scsifront: harden driver against
malicious backend" from Apr 28, 2022, leads to the following Smatch
complaint:

    drivers/scsi/xen-scsifront.c:746 scsifront_sdev_configure()
    warn: variable dereferenced before check 'info' (see line 743)

drivers/scsi/xen-scsifront.c
   738  static int scsifront_sdev_configure(struct scsi_device *sdev)
   739  {
   740          struct vscsifrnt_info *info = shost_priv(sdev->host);
   741          int err;
   742  
   743          if (info->host_active == STATE_ERROR)
                    ^^^^^^^^^^^^^^^^^
The patch assumes that shost_priv() can't return NULL

   744                  return -EIO;
   745  
   746          if (info && current == info->curr) {
                    ^^^^
But the old code assumes it can.  Probably info can't be NULL and this
check can be deleted?

   747                  err = xenbus_printf(XBT_NIL, info->dev->nodename,
   748                                info->dev_state_path, "%d", 
XenbusStateConnected);
   749                  if (err) {
   750                          xenbus_dev_error(info->dev, err,
   751                                  "%s: writing dev_state_path", __func__);
   752                          return err;
   753                  }
   754          }
   755  
   756          return 0;
   757  }

regards,
dan carpenter

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.