[Kernel-packages] [Bug 1708714] [NEW] scsi: hisi_sas: add null check before indirect pointer dereference

Fri, 04 Aug 2017 11:46:59 -0700 

Public bug reported:

[Impact]
Coverity scanning discovered a potential NULL dereference in this driver. 
Though I'm unaware of anyone hitting it in practice, it is an obvious bug.

[Test Case]
There is no known reproducer for this, so it can only be regression tested.

[Regression Risk]
The fix is localized to a driver and is a clean cherry pick from upstream.
The bug fix looks straightforward - don't dereference the pointer if it is 
NULL. The only regression theory I have would be if this means that, instead of 
crashing, we now execute code that is *worse* than crashing (e.g. resulting in 
corruption, etc).

** Affects: linux (Ubuntu)
     Importance: Medium
     Assignee: dann frazier (dannf)
         Status: In Progress

** Affects: linux (Ubuntu Zesty)
     Importance: Medium
     Assignee: dann frazier (dannf)
         Status: In Progress

** Also affects: linux (Ubuntu Zesty)
   Importance: Undecided
       Status: New

** Changed in: linux (Ubuntu Zesty)
       Status: New => Confirmed

** Changed in: linux (Ubuntu Zesty)
   Importance: Undecided => Medium

** Changed in: linux (Ubuntu Zesty)
     Assignee: (unassigned) => dann frazier (dannf)

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1708714

Title:
  scsi: hisi_sas: add null check before indirect pointer dereference

Status in linux package in Ubuntu:
  In Progress
Status in linux source package in Zesty:
  In Progress

Bug description:
  [Impact]
  Coverity scanning discovered a potential NULL dereference in this driver. 
Though I'm unaware of anyone hitting it in practice, it is an obvious bug.

  [Test Case]
  There is no known reproducer for this, so it can only be regression tested.

  [Regression Risk]
  The fix is localized to a driver and is a clean cherry pick from upstream.
  The bug fix looks straightforward - don't dereference the pointer if it is 
NULL. The only regression theory I have would be if this means that, instead of 
crashing, we now execute code that is *worse* than crashing (e.g. resulting in 
corruption, etc).

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1708714/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to