From 8766cd12e41539cfe97025adbe2ef45ffe0e0bc2 Mon Sep 17 00:00:00 2001 From: Amir Shehata Date: Mon, 22 Feb 2016 17:29:04 -0500 Subject: [PATCH] staging: lustre: fix crash due to NULL networks string If there is an invalid networks or ip2nets lnet_parse_networks() gets called with a NULL 'network' string parameter lnet_parse_networks() needs to sanitize its input string now that it's being called from multiple places. Instead, check for a NULL string everytime the function is called, which reduces the probability of errors with other code modifications. Signed-off-by: Amir Shehata Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-5540 Reviewed-on: http://review.whamcloud.com/11626 Reviewed-by: Isaac Huang Reviewed-by: Doug Oucharek Reviewed-by: Oleg Drokin Signed-off-by: Greg Kroah-Hartman --- drivers/staging/lustre/lnet/lnet/api-ni.c | 5 +---- drivers/staging/lustre/lnet/lnet/config.c | 9 ++++++++- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/drivers/staging/lustre/lnet/lnet/api-ni.c b/drivers/staging/lustre/lnet/lnet/api-ni.c index b2b914a..c68d01e 100644 --- a/drivers/staging/lustre/lnet/lnet/api-ni.c +++ b/drivers/staging/lustre/lnet/lnet/api-ni.c @@ -1535,7 +1535,6 @@ LNetNIInit(lnet_pid_t requested_pid) lnet_ping_info_t *pinfo; lnet_handle_md_t md_handle; struct list_head net_head; - char *nets; INIT_LIST_HEAD(&net_head); @@ -1550,13 +1549,11 @@ LNetNIInit(lnet_pid_t requested_pid) return rc; } - nets = lnet_get_networks(); - rc = lnet_prepare(requested_pid); if (rc) goto failed0; - rc = lnet_parse_networks(&net_head, nets); + rc = lnet_parse_networks(&net_head, lnet_get_networks()); if (rc < 0) goto failed1; diff --git a/drivers/staging/lustre/lnet/lnet/config.c b/drivers/staging/lustre/lnet/lnet/config.c index 1ef07cd..013d41b 100644 --- a/drivers/staging/lustre/lnet/lnet/config.c +++ b/drivers/staging/lustre/lnet/lnet/config.c @@ -184,7 +184,7 @@ int lnet_parse_networks(struct list_head *nilist, char *networks) { struct cfs_expr_list *el = NULL; - int tokensize = strlen(networks) + 1; + int tokensize; char *tokens; char *str; char *tmp; @@ -192,6 +192,11 @@ lnet_parse_networks(struct list_head *nilist, char *networks) __u32 net; int nnets = 0; + if (!networks) { + CERROR("networks string is undefined\n"); + return -EINVAL; + } + if (strlen(networks) > LNET_SINGLE_TEXTBUF_NOB) { /* _WAY_ conservative */ LCONSOLE_ERROR_MSG(0x112, @@ -199,6 +204,8 @@ lnet_parse_networks(struct list_head *nilist, char *networks) return -EINVAL; } + tokensize = strlen(networks) + 1; + LIBCFS_ALLOC(tokens, tokensize); if (!tokens) { CERROR("Can't allocate net tokens\n"); -- 2.7.4