Bug 9583 - Possible NULL pointer dereference on drivers/infiniband/hw/cxgb3/iwch_cm.c
Summary: Possible NULL pointer dereference on drivers/infiniband/hw/cxgb3/iwch_cm.c
Status: RESOLVED OBSOLETE
Alias: None
Product: Drivers
Classification: Unclassified
Component: Network
Hardware: All Linux
Importance: P1 low
Assignee: drivers_network@kernel-bugs.osdl.org
 
Reported: 2007-12-15 17:49 UTC by Marcio Buss
Modified: 2014-07-29 14:52 UTC

Kernel Version: 2.6.29
Regression: No

Description Marcio Buss 2007-12-15 17:49:49 UTC
There's a potential null pointer dereference on 
drivers/infiniband/hw/cxgb3/iwch_cm.c, line 731 (it's
not clear whether the bug exists because it depends
on the relationship between "status" parameter and
the value of "ep->com.cm_id"). In any case, here it goes:

(1) let the "if" statement at line 725 evaluate to false,
    implying that "ep->com.cm_id" is null.
(2) let the "if" statement at line 730 evaluate to true
(3) now the statement at line 731 dereferences the null
    pointer "ep->com.cm_id."
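
The three steps above, reduced to a small C model with a guarded counterpart. This is an added example, not part of the original report and not the cxgb3 driver source. The types, helper names and the action taken in the error branch are hypothetical stand-ins.

```c
#include <stdio.h>

/* Hypothetical stand-ins for the driver's types, not the cxgb3 definitions. */
struct cm_id { int refs; int events; };
struct endpoint { struct cm_id *cm_id; };

static void deliver_event(struct cm_id *id) { id->events++; }
static void release_ref(struct cm_id *id) { id->refs--; }   /* assumed action */

/* Shape from the report: the first use is guarded, the second is not.
 * With cm_id == NULL and status < 0 this dereferences NULL. */
void upcall_reported_shape(struct endpoint *ep, int status)
{
    if (ep->cm_id)                  /* step (1): guarded use */
        deliver_event(ep->cm_id);
    if (status < 0)                 /* step (2): independent condition */
        release_ref(ep->cm_id);     /* step (3): unguarded dereference */
}

/* Guarded form: read the pointer once, one NULL check covers every use.
 * Returns 1 if a reference was released, 0 otherwise. */
int upcall_guarded(struct endpoint *ep, int status)
{
    struct cm_id *id = ep->cm_id;

    if (!id)
        return 0;                   /* nothing to notify or release */
    deliver_event(id);
    if (status < 0) {
        release_ref(id);
        ep->cm_id = NULL;
        return 1;
    }
    return 0;
}

/* Constructed inputs: bit 0 set if the NULL case is a no-op, bit 1 if the
 * valid case releases the reference and clears the pointer. */
int demo(void)
{
    struct cm_id id = { 1, 0 };
    struct endpoint none = { NULL }, one = { &id };
    int ok_null = upcall_guarded(&none, -1) == 0;
    int ok_valid = upcall_guarded(&one, -1) == 1 && id.refs == 0 && !one.cm_id;
    return ok_null | (ok_valid << 1);
}

int main(void) { printf("demo() = %d\n", demo()); return 0; }
```

Whether the reported shape is reachable depends, as the report says, on whether a negative "status" can coincide with a null "ep->com.cm_id".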
Comment 1 Alan 2009-03-24 04:10:24 UTC
[connect_reply_upcall and still present]
Comment 2 xerofoify 2014-06-24 17:05:10 UTC
This bug is old and outdated. Please test against a newer kernel and see if it is fixed.
Thanks, Nick
