dm mpath: fix attached_handler_name leak and dangling hw_handler_name pointer - lwn.git - Linux kernel documentation tree maintained by Jonathan Corbet

diff options

author	Mike Snitzer <snitzer@redhat.com>	2018-09-17 11:38:47 -0400
committer	Mike Snitzer <snitzer@redhat.com>	2018-09-17 22:46:49 -0400
commit	b592211c33f745af67a3271ce77c10fc1e6d6241 (patch)
tree	e7d3f619055d7c721b4a32b3af14e070cfd21c4e /.cocciconfig
parent	013ad043906b2befd4a9bfb06219ed9fedd92716 (diff)
download	lwn-b592211c33f745af67a3271ce77c10fc1e6d6241.tar.gz lwn-b592211c33f745af67a3271ce77c10fc1e6d6241.zip

dm mpath: fix attached_handler_name leak and dangling hw_handler_name pointer

Commit e8f74a0f0011 ("dm mpath: eliminate need to use scsi_device_from_queue") introduced 2 regressions: 1) memory leak occurs if attached_handler_name is not assigned to m->hw_handler_name 2) m->hw_handler_name can become a dangling pointer if the RETAIN_ATTACHED_HW_HANDLER flag is set and scsi_dh_attach() returns -EBUSY. Fix both of these by clearing 'attached_handler_name' pointer passed to setup_scsi_dh() after it is assigned to m->hw_handler_name. And if setup_scsi_dh() doesn't consume 'attached_handler_name' parse_path() will kfree() it. Fixes: e8f74a0f0011 ("dm mpath: eliminate need to use scsi_device_from_queue") Cc: stable@vger.kernel.org # 4.16+ Reported-by: Bart Van Assche <bvanassche@acm.org> Signed-off-by: Mike Snitzer <snitzer@redhat.com>

Diffstat (limited to '.cocciconfig')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: