scsi: aacraid: Fix an oops in error handling

If the memdup_user() function fails then it results in an Oops in the
error handling code when we try to kfree() and error pointer.

Link: https://lore.kernel.org/r/20200513093703.GB347693@mwanda
Fixes: 8d925b1f00e6 ("scsi: aacraid: Use memdup_user() as a cleanup")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>

diff --git a/drivers/scsi/aacraid/commctrl.c b/drivers/scsi/aacraid/commctrl.c
index 102658bdc15a0d198e7e5de7e54a58cb2e5f26e8..34e65dea992e4d0c4c57471cf29d4d52f1707278 100644 (file)
--- a/drivers/scsi/aacraid/commctrl.c
+++ b/drivers/scsi/aacraid/commctrl.c
@@ -516,6 +516,7 @@ static int aac_send_raw_srb(struct aac_dev* dev, void __user * arg)
        user_srbcmd = memdup_user(user_srb, fibsize);
        if (IS_ERR(user_srbcmd)) {
                rcode = PTR_ERR(user_srbcmd);
+               user_srbcmd = NULL;
                goto cleanup;
        }