diff --git a/kernel.spec b/kernel.spec index 1ba1d91..662e512 100644 --- a/kernel.spec +++ b/kernel.spec @@ -804,11 +804,13 @@ Patch21233: jbd2-clear-BH_Delay-and-BH_Unwritten-in-journal_unmap_buf.patch #rhbz 785806 Patch21234: e1000e-Avoid-wrong-check-on-TX-hang.patch +#rhbz 754518 +Patch21235: scsi-sd_revalidate_disk-prevent-NULL-ptr-deref.patch + # compat-wireless patches Patch50000: compat-wireless-config-fixups.patch Patch50001: compat-wireless-pr_fmt-warning-avoidance.patch Patch50002: compat-wireless-integrated-build.patch - Patch50100: compat-wireless-rtl8192cu-Fix-WARNING-on-suspend-resume.patch # Pending upstream fixes @@ -1513,6 +1515,9 @@ ApplyPatch jbd2-clear-BH_Delay-and-BH_Unwritten-in-journal_unmap_buf.patch #rhbz 785806 ApplyPatch e1000e-Avoid-wrong-check-on-TX-hang.patch +#rhbz 754518 +ApplyPatch scsi-sd_revalidate_disk-prevent-NULL-ptr-deref.patch + # END OF PATCH APPLICATIONS %endif @@ -2312,6 +2317,9 @@ fi # and build. %changelog +* Fri Feb 10 2012 Josh Boyer +- Patch to prevent NULL pointer dereference in sd_revalidate_disk (rhbz 754518) + * Thu Feb 09 2012 Dave Jones - bsg: fix sysfs link remove warning (#787862) diff --git a/scsi-sd_revalidate_disk-prevent-NULL-ptr-deref.patch b/scsi-sd_revalidate_disk-prevent-NULL-ptr-deref.patch new file mode 100644 index 0000000..492376d --- /dev/null +++ b/scsi-sd_revalidate_disk-prevent-NULL-ptr-deref.patch @@ -0,0 +1,22 @@ +--- a/drivers/scsi/sd.c ++++ a/drivers/scsi/sd.c +@@ -2362,13 +2362,18 @@ static int sd_try_extended_inquiry(struct scsi_device *sdp) + static int sd_revalidate_disk(struct gendisk *disk) + { + struct scsi_disk *sdkp = scsi_disk(disk); +- struct scsi_device *sdp = sdkp->device; ++ struct scsi_device *sdp; + unsigned char *buffer; + unsigned flush = 0; + + SCSI_LOG_HLQUEUE(3, sd_printk(KERN_INFO, sdkp, + "sd_revalidate_disk\n")); + ++ if (!sdkp) ++ goto out; ++ ++ sdp = sdkp->device; ++ + /* + * If the device is offline, don't try and read capacity or any + * of the other niceties.