[ofa-general] Re: [PATCH 2.6.30.4] Fix for NULL pointer dereference by SRP initiator triggered by a SCSI reset after the SRP connection has been closed
Roland Dreier
rdreier at cisco.com
Wed Aug 5 10:40:38 PDT 2009
Now I'm confused about this patch for another reason:
> @@ -1429,6 +1431,8 @@ static int srp_reset_device(struct scsi_
> return FAILED;
> if (req->tsk_status)
> return FAILED;
> + if (!req->scmnd->device)
> + return FAILED;
>
> spin_lock_irq(target->scsi_host->host_lock);
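Review bot: the added test `if (!req->scmnd->device)` dereferences `req->scmnd` without first checking that `req->scmnd` itself is non-NULL, so the guard can itself fault if the command pointer has been cleared. It also sits after the `req->tsk_status` test, so it only runs once the task management request has already been issued and completed, and it runs before `spin_lock_irq(target->scsi_host->host_lock)`, so nothing in this hunk keeps the pointer stable between the check and any later use. Suggest validating both `req->scmnd` and `req->scmnd->device` at the point where the device is first used, under whatever lock protects the request, and adding a comment that says which teardown path can clear it.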
This adds the check *after* the call to srp_send_tsk_mgmt() -- which is
where scmnd->device will be dereferenced. So how does this fix the bug?
- R.