From acd147cb884f170ddac027881a9b4bb12a36ee2e Mon Sep 17 00:00:00 2001
From: geruijun <geruijun@huawei.com>
Date: Wed, 16 Mar 2022 01:36:22 +0800
Subject: [PATCH 4/4] Check return value of scsi_malloc in order to avoid
 dereferencing NULL return value.

Signed-off-by: geruijun <geruijun@huawei.com>
---
 lib/scsi-lowlevel.c | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)

diff --git a/lib/scsi-lowlevel.c b/lib/scsi-lowlevel.c
index 4039cea..0161852 100644
--- a/lib/scsi-lowlevel.c
+++ b/lib/scsi-lowlevel.c
@@ -2912,9 +2912,15 @@ scsi_modesense_marshall_caching(struct scsi_task *task,
 	struct scsi_data *data;
 
 	data = scsi_malloc(task, sizeof(struct scsi_data));
+	if (data == NULL) {
+		return NULL;
+	}
 
 	data->size = 20 + hdr_size;
 	data->data = scsi_malloc(task, data->size);
+	if (data->data == NULL) {
+		return NULL;
+	}
 
 	if (mp->caching.ic)   data->data[hdr_size + 2] |= 0x80;
 	if (mp->caching.abpf) data->data[hdr_size + 2] |= 0x40;
@@ -2953,9 +2959,15 @@ scsi_modesense_marshall_control(struct scsi_task *task,
 	struct scsi_data *data;
 
 	data = scsi_malloc(task, sizeof(struct scsi_data));
+	if (data == NULL) {
+		return NULL;
+	}
 
 	data->size = 12 + hdr_size;
 	data->data = scsi_malloc(task, data->size);
+	if (data->data == NULL) {
+		return NULL;
+	}
 
 	data->data[hdr_size + 2] |= (mp->control.tst << 5) & 0xe0;
 	if (mp->control.tmf_only) data->data[hdr_size + 2] |= 0x10;
@@ -2993,9 +3005,15 @@ scsi_modesense_marshall_power_condition(struct scsi_task *task,
 	struct scsi_data *data;
 
 	data = scsi_malloc(task, sizeof(struct scsi_data));
+	if (data == NULL) {
+		return NULL;
+	}
 
 	data->size = 40 + hdr_size;
 	data->data = scsi_malloc(task, data->size);
+	if (data->data == NULL) {
+		return NULL;
+	}
 
 	data->data[hdr_size + 2] |=
 		(mp->power_condition.pm_bg_precedence << 6) & 0xc0;
@@ -3035,9 +3053,15 @@ scsi_modesense_marshall_disconnect_reconnect(struct scsi_task *task,
 	struct scsi_data *data;
 
 	data = scsi_malloc(task, sizeof(struct scsi_data));
+	if (data == NULL) {
+		return NULL;
+	}
 
 	data->size = 16 + hdr_size;
 	data->data = scsi_malloc(task, data->size);
+	if (data->data == NULL) {
+		return NULL;
+	}
 
 	data->data[hdr_size + 2] = mp->disconnect_reconnect.buffer_full_ratio;
 	data->data[hdr_size + 3] = mp->disconnect_reconnect.buffer_empty_ratio;
@@ -3064,9 +3088,15 @@ scsi_modesense_marshall_informational_exceptions_control(struct scsi_task *task,
 	struct scsi_data *data;
 
 	data = scsi_malloc(task, sizeof(struct scsi_data));
+	if (data == NULL) {
+		return NULL;
+	}
 
 	data->size = 12 + hdr_size;
 	data->data = scsi_malloc(task, data->size);
+	if (data->data == NULL) {
+		return NULL;
+	}
 
 	if (mp->iec.perf)     data->data[hdr_size + 2] |= 0x80;
 	if (mp->iec.ebf)      data->data[hdr_size + 2] |= 0x20;
-- 
1.8.3.1