[ldv-project] (no subject)
Alisa Khabibrakhmanova
khabibrakhmanova at ispras.ru
Thu Aug 11 15:26:17 MSK 2022
Date: Thu, 11 Aug 2022 14:41:16 +0300
Subject: [PATCH] escb: Prevent invalid memory access in asd_invalidate_edb()
In escb_tasklet_complete() variable edb is checked for negative value
and then passed to asd_invalidate_edb(), where it used as index of array.
Return in the condition prevents further use of a negative value.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Fixes: 2908d778ab3e ("[SCSI] aic94xx: new driver")
Signed-off-by: Alisa Khabibrakhmanova <khabibrakhmanova at ispras.ru>
---
drivers/scsi/aic94xx/aic94xx_scb.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/scsi/aic94xx/aic94xx_scb.c b/drivers/scsi/aic94xx/aic94xx_scb.c
index 68214a58b160..bae2ee2870ef 100644
--- a/drivers/scsi/aic94xx/aic94xx_scb.c
+++ b/drivers/scsi/aic94xx/aic94xx_scb.c
@@ -421,6 +421,7 @@ static void escb_tasklet_complete(struct asd_ascb *ascb,
le64_to_cpu(ascb->scb->header.next_scb),
le16_to_cpu(ascb->scb->header.index),
ascb->scb->header.opcode);
+ return;
}
/* Catch these before we mask off the sb_opcode bits */
--
2.34.1
More information about the ldv-project
mailing list