From b0f49d138777fb6609aa2ea96d2c59fb872d2c2d Mon Sep 17 00:00:00 2001 From: Prasad Joshi Date: Wed, 19 Mar 2014 07:10:32 +0530 Subject: [PATCH 1/2] scsi: check req pointer before dereferencing it Signed-off-by: Prasad Joshi Signed-off-by: Paolo Bonzini --- hw/scsi/vmw_pvscsi.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/hw/scsi/vmw_pvscsi.c b/hw/scsi/vmw_pvscsi.c index 7d344b944e5d..e35bff76a98b 100644 --- a/hw/scsi/vmw_pvscsi.c +++ b/hw/scsi/vmw_pvscsi.c @@ -479,12 +479,13 @@ static void pvscsi_command_complete(SCSIRequest *req, uint32_t status, size_t resid) { PVSCSIRequest *pvscsi_req = req->hba_private; - PVSCSIState *s = pvscsi_req->dev; + PVSCSIState *s; if (!pvscsi_req) { trace_pvscsi_command_complete_not_found(req->tag); return; } + s = pvscsi_req->dev; if (resid) { /* Short transfer. */ From ec8929a55512606456e364ffa80586219f67c904 Mon Sep 17 00:00:00 2001 From: Prasad Joshi Date: Mon, 24 Mar 2014 21:14:46 +0530 Subject: [PATCH 2/2] spapr_vscsi: remove duplicate condition check Signed-off-by: Prasad Joshi Signed-off-by: Paolo Bonzini --- hw/scsi/spapr_vscsi.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hw/scsi/spapr_vscsi.c b/hw/scsi/spapr_vscsi.c index 34478f01570a..d4ada4f33538 100644 --- a/hw/scsi/spapr_vscsi.c +++ b/hw/scsi/spapr_vscsi.c @@ -690,7 +690,7 @@ static void vscsi_inquiry_no_target(VSCSIState *s, vscsi_req *req) int rc, len, alen; /* We dont do EVPD. Also check that page_code is 0 */ - if ((cdb[1] & 0x01) || (cdb[1] & 0x01) || cdb[2] != 0) { + if ((cdb[1] & 0x01) || cdb[2] != 0) { /* Send INVALID FIELD IN CDB */ vscsi_makeup_sense(s, req, ILLEGAL_REQUEST, 0x24, 0); vscsi_send_rsp(s, req, CHECK_CONDITION, 0, 0);