Details
-
Bug
-
Resolution: Fixed
-
Minor
-
None
-
None
-
3
-
15616
Description
Null pointer 'data' that comes from line 228 may be dereferenced at line 253. Also there are 2 similar errors on line(s) 266, 278.
225 static int libcfs_ioctl_handle(struct cfs_psdev_file *pfile, unsigned long cmd, 226 void *arg, struct libcfs_ioctl_hdr *hdr) 227 { 228 struct libcfs_ioctl_data *data = NULL; 229 int err; 230 ENTRY; 231 232 /* The libcfs_ioctl_data_adjust() function performs adjustment 233 * operations on the libcfs_ioctl_data structure to make 234 * it usable by the code. This doesn't need to be called 235 * for new data structures added. */ 236 if (hdr->ioc_version == LIBCFS_IOCTL_VERSION) { 237 data = container_of(hdr, struct libcfs_ioctl_data, ioc_hdr); 238 err = libcfs_ioctl_data_adjust(data); 239 if (err != 0) { 240 RETURN(err); 241 } 242 } 243 244 switch (cmd) { 245 case IOC_LIBCFS_CLEAR_DEBUG: 246 libcfs_debug_clear_buffer(); 247 RETURN(0); 248 /* 249 * case IOC_LIBCFS_PANIC: 250 * Handled in arch/cfs_module.c 251 */ 252 case IOC_LIBCFS_MARK_DEBUG: 253 if (data->ioc_inlbuf1 == NULL || 254 data->ioc_inlbuf1[data->ioc_inllen1 - 1] != '\0') 255 RETURN(-EINVAL); 256 libcfs_debug_mark_buffer(data->ioc_inlbuf1); 257 RETURN(0);
Attachments
Issue Links
- is related to
-
-
- Resolved
-