Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

crypto: marvell/octeontx - Fix a potential NULL dereference

Smatch reports that:

drivers/crypto/marvell/octeontx/otx_cptvf_algs.c:132 otx_cpt_aead_callback()
warn: variable dereferenced before check 'cpt_info' (see line 121)

This function is called from process_pending_queue() as:

drivers/crypto/marvell/octeontx/otx_cptvf_reqmgr.c
599 /*
600 * Call callback after current pending entry has been
601 * processed, we don't do it if the callback pointer is
602 * invalid.
603 */
604 if (callback)
605 callback(res_code, areq, cpt_info);

It does appear to me that "cpt_info" can be NULL so this could lead to
a NULL dereference.

Fixes: 10b4f09491bf ("crypto: marvell - add the Virtual Function driver for CPT")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

Authored by Dan Carpenter and committed by Herbert Xu
1f5b07f5 77251e41

+7 -4
drivers/crypto/marvell/octeontx/otx_cptvf_algs.c
··· 118 118 struct otx_cpt_req_info *cpt_req; 119 119 struct pci_dev *pdev; 120 120 121 + if (!cpt_info) 122 + goto complete; 123 + 121 124 cpt_req = cpt_info->req; 122 125 if (!status) { 123 126 /* ··· 132 129 !cpt_req->is_enc) 133 130 status = validate_hmac_cipher_null(cpt_req); 134 131 } 135 - if (cpt_info) { 136 - pdev = cpt_info->pdev; 137 - do_request_cleanup(pdev, cpt_info); 138 - } 132 + pdev = cpt_info->pdev; 133 + do_request_cleanup(pdev, cpt_info); 134 + 135 + complete: 139 136 if (areq) 140 137 areq->complete(areq, status); 141 138 }
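Review bot: In the first hunk, the early `goto complete` taken when `cpt_info` is NULL passes the incoming `status` straight to `areq->complete()`, so a call with `status == 0` and no `cpt_info` is reported as success although both the `validate_hmac_cipher_null(cpt_req)` step and `do_request_cleanup()` were skipped. If a NULL `cpt_info` is an error on this path, consider setting an error status before the jump. If it is expected, a short comment above `if (!cpt_info)` saying when the caller in process_pending_queue() passes NULL would document why skipping cleanup is safe.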
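Review bot: In the second hunk, the two lines that replace the `if (cpt_info)` block assign `pdev` and use it once on the next line. As far as the visible lines show, that is its only use, so calling `do_request_cleanup(cpt_info->pdev, cpt_info)` directly would let the `struct pci_dev *pdev` local be dropped. Separately, the new `complete:` label sits directly above `if (areq)`, which is the only remaining NULL check on the completion path, so it is worth confirming that `areq` and `cpt_info` can be NULL independently of each other.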