Showing error 1743

User: Jiri Slaby
Error type: Invalid Pointer Dereference
Error type description: A pointer which is invalid is being dereferenced
File location: drivers/scsi/sg.c
Line in file: 240
Project: Linux Kernel
Project version: 2.6.28
Tools: Smatch (1.59)
Entered: 2013-09-10 20:24:52 UTC

Source: 

 210#define SZ_SG_IOVEC sizeof(sg_iovec_t)
 211#define SZ_SG_REQ_INFO sizeof(sg_req_info_t)
 212
 213static int sg_allow_access(struct file *filp, unsigned char *cmd)
 214{
 215        struct sg_fd *sfp = (struct sg_fd *)filp->private_data;
 216        struct request_queue *q = sfp->parentdp->device->request_queue;
 217
 218        if (sfp->parentdp->device->type == TYPE_SCANNER)
 219                return 0;
 220
 221        return blk_verify_command(&q->cmd_filter,
 222                                  cmd, filp->f_mode & FMODE_WRITE);
 223}
 224
 225static int
 226sg_open(struct inode *inode, struct file *filp)
 227{
 228        int dev = iminor(inode);
 229        int flags = filp->f_flags;
 230        struct request_queue *q;
 231        Sg_device *sdp;
 232        Sg_fd *sfp;
 233        int res;
 234        int retval;
 235
 236        lock_kernel();
 237        nonseekable_open(inode, filp);
 238        SCSI_LOG_TIMEOUT(3, printk("sg_open: dev=%d, flags=0x%x\n", dev, flags));
 239        sdp = sg_get_dev(dev);
 240        if ((!sdp) || (!sdp->device)) {
 241                unlock_kernel();
 242                return -ENXIO;
 243        }
 244        if (sdp->detached) {
 245                unlock_kernel();
 246                return -ENODEV;
 247        }
 248
 249        /* This driver's module count bumped by fops_get in <linux/fs.h> */
 250        /* Prevent the device driver from vanishing while we sleep */
Show full sources