From: Dan Carpenter <dan.carpenter@oracle.com>
Date: Wed, 13 May 2020 12:37:03 +0300
Subject: scsi: aacraid: Fix an oops in error handling
Git-commit: 25c21d20bcfdb97ba869007b284a5dbf5328ffe2
Patch-mainline: v5.8-rc1
References: bsc#1186698

If the memdup_user() function fails then it results in an Oops in the
error handling code when we try to kfree() an error pointer.

Link: https://lore.kernel.org/r/20200513093703.GB347693@mwanda
Fixes: 8d925b1f00e6 ("scsi: aacraid: Use memdup_user() as a cleanup")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Acked-by: Lee Duncan <lduncan@suse.com>
---
 drivers/scsi/aacraid/commctrl.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/drivers/scsi/aacraid/commctrl.c b/drivers/scsi/aacraid/commctrl.c
index 102658bdc15a..34e65dea992e 100644
--- a/drivers/scsi/aacraid/commctrl.c
+++ b/drivers/scsi/aacraid/commctrl.c
@@ -516,6 +516,7 @@ static int aac_send_raw_srb(struct aac_dev* dev, void __user * arg)
 	user_srbcmd = memdup_user(user_srb, fibsize);
 	if (IS_ERR(user_srbcmd)) {
 		rcode = PTR_ERR(user_srbcmd);
+		user_srbcmd = NULL;
 		goto cleanup;
 	}
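
Review bot: The added `user_srbcmd = NULL;` in the IS_ERR() branch has no comment saying why it is needed, so a later tidy-up could drop it as a dead store and bring the oops back. A one-line comment that the cleanup path passes user_srbcmd to kfree() (as the commit message describes) would protect it. An alternative is to take the memdup_user() result in a temporary and store it in user_srbcmd only on success, so the variable never holds an ERR_PTR value when control reaches cleanup.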