git.ipfire.org Git - thirdparty/qemu.git/commitdiff
ncr710: Fix potential null pointer dereference
author Soumyajyotii Ssarkar <soumyajyotisarkar23@gmail.com>
Mon, 3 Nov 2025 18:40:30 +0000 (00:10 +0530)
committer Helge Deller <deller@gmx.de>
Fri, 7 Nov 2025 10:18:32 +0000 (11:18 +0100)
The code dereferences s->current before checking if it is NULL. Move the
null check before the dereference to prevent potential crashes.

This issue could occur if s->current is NULL when the function reaches
the "Host adapter (re)connected" path, though this should not normally
happen during correct operation.

Reported-by: Stefan Hajnoczi <stefanha@gmail.com>
Reported-by: GuoHan Zhao <zhaoguohan@kylinos.cn>
Suggested-by: GuoHan Zhao <zhaoguohan@kylinos.cn>
Signed-off-by: Soumyajyotii Ssarkar <soumyajyotisarkar23@gmail.com>
Reviewed-by: Helge Deller <deller@gmx.de>
Signed-off-by: Helge Deller <deller@gmx.de>
hw/scsi/ncr53c710.c

index ade951b1d1077fe31d2c8e65ca337b88e0a87cf9..a35c41b67f3dd5313e1466aaf9dc8eb10280469b 100644 (file)
@@ -832,12 +832,11 @@ void ncr710_transfer_data(SCSIRequest *req, uint32_t len)
     }
 
     /* Host adapter (re)connected */
-    s->current->dma_len = len;
     s->command_complete = NCR710_CMD_DATA_READY;
-
     if (!s->current) {
         return;
     }
+    s->current->dma_len = len;
 
     if (s->waiting) {
         s->scntl1 |= NCR710_SCNTL1_CON;
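
Review bot: In the "Host adapter (re)connected" block, `s->command_complete = NCR710_CMD_DATA_READY;` is still assigned before the `if (!s->current)` check, so the early return leaves command_complete marked as data-ready even though no dma_len was recorded for any request. If that ordering is intentional, a one-line comment above the check saying so would help; otherwise move the assignment below the check, next to `s->current->dma_len = len;`, so the NULL path leaves the state untouched. The commit message says this path should not be reached in correct operation, so the silent `return;` is also worth a comment or a trace point to make the condition visible when it does happen.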