1. Patchew
  2. QEMU
  3. [Qemu-devel] [PULL 0/8] RDMA queue
  4. View patch

[Qemu-devel] [PULL 2/8] hw/rdma: Fix possible usage of a NULL pointer

Marcel Apfelbaum posted 8 patches 7 years, 5 months ago
There is a newer version of this series
[Qemu-devel] [PULL 2/8] hw/rdma: Fix possible usage of a NULL pointer
Posted by Marcel Apfelbaum 7 years, 5 months ago 
Coverity CID 1390586; The cq handle is provided by the guest
and cannot be trusted to be previuosly allocated.
Fix it by exiting the completion flow.

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
Reviewed-by: Yuval Shaia <yuval.shaia@oracle.com>
Message-Id: <20180430200223.4119-3-marcel.apfelbaum@gmail.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
---
 hw/rdma/vmw/pvrdma_qp_ops.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/hw/rdma/vmw/pvrdma_qp_ops.c b/hw/rdma/vmw/pvrdma_qp_ops.c
index 750ade6c31..99bb51111e 100644
--- a/hw/rdma/vmw/pvrdma_qp_ops.c
+++ b/hw/rdma/vmw/pvrdma_qp_ops.c
@@ -216,6 +216,7 @@ void pvrdma_cq_poll(RdmaDeviceResources *dev_res, uint32_t cq_handle)
     cq = rdma_rm_get_cq(dev_res, cq_handle);
     if (!cq) {
         pr_dbg("Invalid CQ# %d\n", cq_handle);
+        return;
     }
 
     rdma_backend_poll_cq(dev_res, &cq->backend_cq);
-- 
2.14.3

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.