From: Jean Delvare Date: Thu, 5 Mar 2009 20:45:55 +0000 (-0600) Subject: [SCSI] libiscsi: fix iscsi pool error path X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=f474a37bc48667595b5653a983b635c95ed82a3b;p=GitHub%2FLineageOS%2Fandroid_kernel_samsung_universal7580.git [SCSI] libiscsi: fix iscsi pool error path Memory freeing in iscsi_pool_free() looks wrong to me. Either q->pool can be NULL and this should be tested before dereferencing it, or it can't be NULL and it shouldn't be tested at all. As far as I can see, the only case where q->pool is NULL is on early error in iscsi_pool_init(). One possible way to fix the bug is thus to not call iscsi_pool_free() in this case (nothing needs to be freed anyway) and then we can get rid of the q->pool check. Signed-off-by: Jean Delvare Signed-off-by: Mike Christie Signed-off-by: James Bottomley --- diff --git a/drivers/scsi/libiscsi.c b/drivers/scsi/libiscsi.c index 809d32d95c7..c33e28fd49b 100644 --- a/drivers/scsi/libiscsi.c +++ b/drivers/scsi/libiscsi.c @@ -1944,7 +1944,7 @@ iscsi_pool_init(struct iscsi_pool *q, int max, void ***items, int item_size) num_arrays++; q->pool = kzalloc(num_arrays * max * sizeof(void*), GFP_KERNEL); if (q->pool == NULL) - goto enomem; + return -ENOMEM; q->queue = kfifo_init((void*)q->pool, max * sizeof(void*), GFP_KERNEL, NULL); @@ -1979,8 +1979,7 @@ void iscsi_pool_free(struct iscsi_pool *q) for (i = 0; i < q->max; i++) kfree(q->pool[i]); - if (q->pool) - kfree(q->pool); + kfree(q->pool); kfree(q->queue); } EXPORT_SYMBOL_GPL(iscsi_pool_free);