In the blkif_release function the bdget_disk() call might returns
a NULL ptr which might be dereferenced on bdev->bd_openers checking
Signed-off-by: Felipe Pena <felipe...@gmail.com>
---
drivers/block/xen-blkfront.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/drivers/block/xen-blkfront.c b/drivers/block/xen-blkfront.c
index a4660bb..7bb1552 100644
--- a/drivers/block/xen-blkfront.c
+++ b/drivers/block/xen-blkfront.c
@@ -1959,6 +1959,9 @@ static void blkif_release(struct gendisk *disk, fmode_t
mode)
bdev = bdget_disk(disk, 0);
+ if (!bdev)
+ goto out_mutex;
+
if (bdev->bd_openers)
goto out;
@@ -1989,6 +1992,7 @@ static void blkif_release(struct gendisk *disk, fmode_t
mode)
out:
bdput(bdev);
+out_mutex:
mutex_unlock(&blkfront_mutex);
}
--
1.7.10.4
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
