On Thu, 2020-09-10 at 18:52 +0800, lixiaokeng wrote:
> In handle_args func, we donot check whether malloc paramp and
> each paramp->trnptid_list[j] fails before using them, it may
> cause access NULL pointer.
>
> Here, we add alloc_prout_param_descriptor to allocate and init
> paramp, and we add free_prout_param_descriptor to free paramp
> and each paramp->trnptid_list[j].
>
> We change num_transport to num_transportids to combine them.
>
> Signed-off-by: Zhiqiang Liu <liuzhiqian...@huawei.com>
> Signed-off-by: lixiaokeng <lixiaok...@huawei.com>
> ---
> mpathpersist/main.c | 65 ++++++++++++++++++++++++++++++++++---------
> --
> 1 file changed, 50 insertions(+), 15 deletions(-)
>
> diff --git a/mpathpersist/main.c b/mpathpersist/main.c
> index 28bfe410..da67c15c 100644
> --- a/mpathpersist/main.c
> +++ b/mpathpersist/main.c
> @@ -153,6 +153,38 @@ static int do_batch_file(const char *batch_fn)
> return ret;
> }
>
> +static struct prout_param_descriptor *
> +alloc_prout_param_descriptor(int num_transportid)
> +{
> + struct prout_param_descriptor *paramp;
> +
> + if (num_transportid < 0 || num_transportid > MPATH_MX_TIDS)
> + return NULL;
> +
> + paramp= malloc(sizeof(struct prout_param_descriptor) +
> + (sizeof(struct transportid *) *
> num_transportid));
> +
> + if (!paramp)
> + return NULL;
> +
> + paramp->num_transportid = num_transportid;
> + memset(paramp, 0, sizeof(struct prout_param_descriptor) +
> + (sizeof(struct transportid *) *
> num_transportid));
Here you overwrite paramp->num_transportid, which you just set.
Otherwise, the patch looks ok.
Regards,
Martin
--
dm-devel mailing list
dm-devel@redhat.com
https://www.redhat.com/mailman/listinfo/dm-devel
