Commit 5dd6c493 authored by Maurizio Lombardi's avatar Maurizio Lombardi Committed by Martin K. Petersen

scsi: iscsi: set auth_protocol back to NULL if CHAP_A value is not supported

If the CHAP_A value is not supported, the chap_server_open() function
should free the auth_protocol pointer and set it to NULL, or we will leave
a dangling pointer around.

[   66.010905] Unsupported CHAP_A value
[   66.011660] Security negotiation failed.
[   66.012443] iSCSI Login negotiation failed.
[   68.413924] general protection fault: 0000 [#1] SMP PTI
[   68.414962] CPU: 0 PID: 1562 Comm: targetcli Kdump: loaded Not tainted 4.18.0-80.el8.x86_64 #1
[   68.416589] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[   68.417677] RIP: 0010:__kmalloc_track_caller+0xc2/0x210
Signed-off-by: default avatarMaurizio Lombardi <mlombard@redhat.com>
Reviewed-by: default avatarChris Leech <cleech@redhat.com>
Signed-off-by: default avatarMartin K. Petersen <martin.petersen@oracle.com>
parent 5676234f
...@@ -89,6 +89,12 @@ static int chap_check_algorithm(const char *a_str) ...@@ -89,6 +89,12 @@ static int chap_check_algorithm(const char *a_str)
return CHAP_DIGEST_UNKNOWN; return CHAP_DIGEST_UNKNOWN;
} }
static void chap_close(struct iscsi_conn *conn)
{
kfree(conn->auth_protocol);
conn->auth_protocol = NULL;
}
static struct iscsi_chap *chap_server_open( static struct iscsi_chap *chap_server_open(
struct iscsi_conn *conn, struct iscsi_conn *conn,
struct iscsi_node_auth *auth, struct iscsi_node_auth *auth,
...@@ -126,7 +132,7 @@ static struct iscsi_chap *chap_server_open( ...@@ -126,7 +132,7 @@ static struct iscsi_chap *chap_server_open(
case CHAP_DIGEST_UNKNOWN: case CHAP_DIGEST_UNKNOWN:
default: default:
pr_err("Unsupported CHAP_A value\n"); pr_err("Unsupported CHAP_A value\n");
kfree(conn->auth_protocol); chap_close(conn);
return NULL; return NULL;
} }
...@@ -141,19 +147,13 @@ static struct iscsi_chap *chap_server_open( ...@@ -141,19 +147,13 @@ static struct iscsi_chap *chap_server_open(
* Generate Challenge. * Generate Challenge.
*/ */
if (chap_gen_challenge(conn, 1, aic_str, aic_len) < 0) { if (chap_gen_challenge(conn, 1, aic_str, aic_len) < 0) {
kfree(conn->auth_protocol); chap_close(conn);
return NULL; return NULL;
} }
return chap; return chap;
} }
static void chap_close(struct iscsi_conn *conn)
{
kfree(conn->auth_protocol);
conn->auth_protocol = NULL;
}
static int chap_server_compute_md5( static int chap_server_compute_md5(
struct iscsi_conn *conn, struct iscsi_conn *conn,
struct iscsi_node_auth *auth, struct iscsi_node_auth *auth,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment