[iscsi] Report SCSI response only when applicable

iSCSI generally includes a full SCSI response only when an error
occurs.  iscsi_scsi_done() currently passes the NULL response through
to scsi_response(), which ends up causing scsicmd_response() to
dereference a NULL pointer.

Fix by calling scsi_response() only if we have a non-NULL response.

Reported-by: Brendon Walsh <brendonwalsh@niamu.com>
Tested-by: Brendon Walsh <brendonwalsh@niamu.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

diff --git a/src/net/tcp/iscsi.c b/src/net/tcp/iscsi.c
index 9eaf3cc50633edcdfe7b3370d979a5ce8966fd44..457ea731447abe73ee9eedb288e6e24069ef3813 100644 (file)
--- a/src/net/tcp/iscsi.c
+++ b/src/net/tcp/iscsi.c
@@ -337,7 +337,8 @@ static void iscsi_scsi_done ( struct iscsi_session *iscsi, int rc,
        iscsi->command = NULL;
 
        /* Send SCSI response, if any */
-       scsi_response ( &iscsi->data, rsp );
+       if ( rsp )
+               scsi_response ( &iscsi->data, rsp );
 
        /* Close SCSI command, if this is still the same command.  (It
         * is possible that the command interface has already been