[Drbd-dev] [bug report] drbd: Backport the "status" command
Dan Carpenter
dan.carpenter at oracle.com
Thu Nov 18 09:49:30 CET 2021
Hello Andreas Gruenbacher,
The patch a55bbd375d18: "drbd: Backport the "status" command" from
Aug 28, 2014, leads to the following Smatch static checker warning:
drivers/block/drbd/drbd_nl.c:3424 drbd_adm_dump_devices() warn: 'resource_filter' could be an error pointer
drivers/block/drbd/drbd_nl.c:3513 drbd_adm_dump_connections() warn: 'resource_filter' could be an error pointer
drivers/block/drbd/drbd_nl.c:3674 drbd_adm_dump_peer_devices() warn: 'resource_filter' could be an error pointer
drivers/block/drbd/drbd_nl.c
3410 int drbd_adm_dump_devices(struct sk_buff *skb, struct netlink_callback *cb)
3411 {
3412 struct nlattr *resource_filter;
3413 struct drbd_resource *resource;
3414 struct drbd_device *device;
3415 int minor, err, retcode;
3416 struct drbd_genlmsghdr *dh;
3417 struct device_info device_info;
3418 struct device_statistics device_statistics;
3419 struct idr *idr_to_search;
3420
3421 resource = (struct drbd_resource *)cb->args[0];
3422 if (!cb->args[0] && !cb->args[1]) {
3423 resource_filter = find_cfg_context_attr(cb->nlh, T_ctx_resource_name);
--> 3424 if (resource_filter) {
The find_cfg_context_attr() function returns both NULL and error
pointers. It if returns an error pointer here then that will lead to a
crash. None of the callers check for error pointers.
3425 retcode = ERR_RES_NOT_KNOWN;
3426 resource = drbd_find_resource(nla_data(resource_filter));
3427 if (!resource)
3428 goto put_result;
3429 cb->args[0] = (long)resource;
3430 }
3431 }
3432
3433 rcu_read_lock();
3434 minor = cb->args[1];
regards,
dan carpenter
More information about the drbd-dev
mailing list