From: Bikash Hazarika <bhazarika@marvell.com>
Date: Wed, 7 Jun 2023 17:08:37 +0530
Subject: scsi: qla2xxx: Fix potential NULL pointer dereference
Patch-mainline: v6.5-rc1
Git-commit: 464ea494a40c6e3e0e8f91dd325408aaf21515ba
References: bsc#1213747
Klocwork tool reported 'cur_dsd' may be dereferenced. Add fix to validate
pointer before dereferencing the pointer.
Cc: stable@vger.kernel.org
Signed-off-by: Bikash Hazarika <bhazarika@marvell.com>
Signed-off-by: Nilesh Javali <njavali@marvell.com>
Link: https://lore.kernel.org/r/20230607113843.37185-3-njavali@marvell.com
Reviewed-by: Himanshu Madhani <himanshu.madhani@oracle.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Acked-by: Daniel Wagner <dwagner@suse.de>
---
drivers/scsi/qla2xxx/qla_iocb.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
--- a/drivers/scsi/qla2xxx/qla_iocb.c
+++ b/drivers/scsi/qla2xxx/qla_iocb.c
@@ -608,7 +608,8 @@ qla24xx_build_scsi_type_6_iocbs(srb_t *s
put_unaligned_le32(COMMAND_TYPE_6, &cmd_pkt->entry_type);
/* No data transfer */
- if (!scsi_bufflen(cmd) || cmd->sc_data_direction == DMA_NONE) {
+ if (!scsi_bufflen(cmd) || cmd->sc_data_direction == DMA_NONE ||
+ tot_dsds == 0) {
cmd_pkt->byte_count = cpu_to_le32(0);
return 0;
}