[SCSI] aacraid: check buffer address in aac_internal_transfer

Captured a panic on an older kernel where an application issuing
commands via sg was sending requests that lacked a request_buffer, thus
the buffer pointer used in aac_internal_transer was NULL. The
application was fixed closing the issue, but felt it was advised to
immunize the driver against the eventuality.

Signed-off-by: Mark Salyzyn <aacraid@adaptec.com>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>

diff --git a/drivers/scsi/aacraid/aachba.c b/drivers/scsi/aacraid/aachba.c
index 0c4e27e..f9deab6 100644 (file)
--- a/drivers/scsi/aacraid/aachba.c
+++ b/drivers/scsi/aacraid/aachba.c
@@ -350,8 +350,9 @@ static void aac_internal_transfer(struct scsi_cmnd *scsicmd, void *data, unsigne
                buf = scsicmd->request_buffer;
                transfer_len = min(scsicmd->request_bufflen, len + offset);
        }
-
-       memcpy(buf + offset, data, transfer_len - offset);
+       transfer_len -= offset;
+       if (buf && transfer_len)
+               memcpy(buf + offset, data, transfer_len);
 
        if (scsicmd->use_sg) 
                kunmap_atomic(buf - sg->offset, KM_IRQ0);