scsi: scsi_debug: Fix uninitialized pointers with __free attr

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Uninitialized pointers with '__free' attribute can cause undefined
behaviour as the memory assigned(randomly) to the pointer is freed
automatically when the pointer goes out of scope

scsi doesn't have any bugs related to this as of now, but it is better
to initialize and assign pointers with '__free' attr in one statement to
ensure proper scope-based cleanup

Reported-by: Dan Carpenter <dan.carpenter@linaro.org>
Closes: https://lore.kernel.org/all/aPiG_F5EBQUjZqsl@stanley.mountain/
Signed-off-by: Ally Heev <allyheev@gmail.com>
Link: https://patch.msgid.link/20251105-aheev-uninitialized-free-attr-scsi-v1-1-d28435a0a7ea@gmail.com
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>

authored by

Ally Heev and committed by

Martin K. Petersen 7 months ago 3813d28b 18987143

+2 -2

1 changed file

expand all

drivers

scsi

scsi_debug.c

+2 -2

drivers/scsi/scsi_debug.c

··· 2961 2961 int target_dev_id; 2962 2962 int target = scp->device->id; 2963 2963 unsigned char *ap; 2964 - unsigned char *arr __free(kfree); 2965 2964 unsigned char *cmd = scp->cmnd; 2966 2965 bool dbd, llbaa, msense_6, is_disk, is_zbc, is_tape; 2967 2966 2968 - arr = kzalloc(SDEBUG_MAX_MSENSE_SZ, GFP_ATOMIC); 2967 + unsigned char *arr __free(kfree) = kzalloc(SDEBUG_MAX_MSENSE_SZ, GFP_ATOMIC); 2968 + 2969 2969 if (!arr) 2970 2970 return -ENOMEM; 2971 2971 dbd = !!(cmd[1] & 0x8); /* disable block descriptors */

Configure Feed

Configure Feed