lightnvm: fix uninitialized pointer in nvm_remove_tgt()
authorGeert Uytterhoeven <geert@linux-m68k.org>
Fri, 21 Jun 2019 09:12:00 +0000 (11:12 +0200)
committerJens Axboe <axboe@kernel.dk>
Fri, 21 Jun 2019 09:14:30 +0000 (03:14 -0600)
With gcc 4.1:

    drivers/lightnvm/core.c: In function ‘nvm_remove_tgt’:
    drivers/lightnvm/core.c:510: warning: ‘t’ is used uninitialized in this function

Indeed, if no NVM devices have been registered, t will be an
uninitialized pointer, and may be dereferenced later.  A call to
nvm_remove_tgt() can be triggered from userspace by issuing the
NVM_DEV_REMOVE ioctl on the lightnvm control device.

Fix this by preinitializing t to NULL.

Fixes: 843f2edbdde085b4 ("lightnvm: do not remove instance under global lock")
Signed-off-by: Geert Uytterhoeven <geert@linux-m68k.org>
Signed-off-by: Matias Bjørling <mb@lightnvm.io>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
drivers/lightnvm/core.c

index 7d555b110ecd6d8e4e5e6fa0d8a16a166c10adf2..a600934fdd9ca351b4ca7aa72caf7bf1971a75d9 100644 (file)
@@ -478,7 +478,7 @@ static void __nvm_remove_target(struct nvm_target *t, bool graceful)
  */
 static int nvm_remove_tgt(struct nvm_ioctl_remove *remove)
 {
-       struct nvm_target *t;
+       struct nvm_target *t = NULL;
        struct nvm_dev *dev;
 
        down_read(&nvm_lock);