Home Explore Help
Sign In
GfA
/
linux_kernel
5
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

blk-mq: add bounds check on tag-to-rq conversion

We need to check for a valid index before accessing the array
element to avoid accessing invalid memory regions.

Reviewed-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Jeff Moyer <jmoyer@redhat.com>

Modified by Jens to drop the unlikely(), and make the fall through
path be having a valid tag.

Signed-off-by: Jens Axboe <axboe@fb.com>
Hannes Reinecke 9 years ago
parent
2b88551711
commit
4ee86babe0
1 changed files with 4 additions and 1 deletions
Split View Show Diff Stats
  1. 4 1
      block/blk-mq.c

+ 4 - 1
block/blk-mq.c
View File 

@@ -544,7 +544,10 @@ EXPORT_SYMBOL(blk_mq_abort_requeue_list);
 
 
 struct request *blk_mq_tag_to_rq(struct blk_mq_tags *tags, unsigned int tag)
 
 {
 
-	return tags->rqs[tag];
 
+	if (tag < tags->nr_tags)
 
+		return tags->rqs[tag];
 
+
 
+	return NULL;
 
 }
 
 EXPORT_SYMBOL(blk_mq_tag_to_rq);