[PATCH] nvmet/tcp: Solve coredump issue while initiator sends write CapsuleCmd

Ziye Yang ziye.yang at intel.com
Fri Aug 21 11:02:52 EDT 2020


When the initiator sends write CapsuleCmd without in-capsule data, we
can use the queue->connect command to handle. If we do not do that,
we will have a coredump because queue->cmds are not initialized.

Signed-off-by: Ziye Yang <ziye.yang at intel.com>
---
 drivers/nvme/target/tcp.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/drivers/nvme/target/tcp.c b/drivers/nvme/target/tcp.c
index 9eda91162fe4..9d3eeb9338cc 100644
--- a/drivers/nvme/target/tcp.c
+++ b/drivers/nvme/target/tcp.c
@@ -866,7 +866,11 @@ static int nvmet_tcp_handle_h2c_data_pdu(struct nvmet_tcp_queue *queue)
 	struct nvme_tcp_data_pdu *data = &queue->pdu.data;
 	struct nvmet_tcp_cmd *cmd;
 
-	cmd = &queue->cmds[data->ttag];
+	if (likely(queue->nr_cmds)) {
+		cmd = &queue->cmds[data->ttag];
+	} else {
+		cmd = &queue->connect;
+	}
 
 	if (le32_to_cpu(data->data_offset) != cmd->rbytes_done) {
 		pr_err("ttag %u unexpected data offset %u (expected %u)\n",
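Review bot: In the `queue->nr_cmds` branch, `data->ttag` is still used unchecked as an index into `queue->cmds`. The value is read from the received PDU in `queue->pdu.data`, so a ttag at or beyond `nr_cmds` would address memory outside the array. Consider rejecting the PDU when `data->ttag >= queue->nr_cmds` before taking the address. The else branch also falls back to `&queue->connect` for any H2C data PDU that arrives while `nr_cmds` is zero, and nothing in this hunk confirms that the connect command is actually expecting data; a state check, or at least a comment explaining why the later `rbytes_done` comparison is sufficient, would make that safe to read. As a style point, kernel coding style omits the braces around single-statement branches.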
-- 
2.21.3



