[PATCH] libmultipath: fix ontap prioritizer snprintf limits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The ontap prioritizer functions dump_cdb() and process_sg_error() both
incorrectly set the snprintf() limits larger than the available space.
Instead of multiplying the number of elements to print by the size of an
element to calculate the limit, they multiplied the number of elements
to print by the maximum number of elements that the buffer could hold.

Fix this, and also make sure that the number of elements to print is
less than or equal to the maximum number that the buffer can hold.

Signed-off-by: Benjamin Marzinski <bmarzins@xxxxxxxxxx>
---
 libmultipath/prioritizers/ontap.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/libmultipath/prioritizers/ontap.c b/libmultipath/prioritizers/ontap.c
index 117886ea..28e663ac 100644
--- a/libmultipath/prioritizers/ontap.c
+++ b/libmultipath/prioritizers/ontap.c
@@ -39,8 +39,8 @@ static void dump_cdb(unsigned char *cdb, int size)
 	char * p = &buf[0];
 
 	condlog(0, "- SCSI CDB: ");
-	for (i=0; i<size; i++) {
-		p += snprintf(p, 10*(size-i), "0x%02x ", cdb[i]);
+	for (i = 0; i < size && i < 10; i++) {
+		p += snprintf(p, 5*(size-i), "0x%02x ", cdb[i]);
 	}
 	condlog(0, "%s", buf);
 }
@@ -56,8 +56,8 @@ static void process_sg_error(struct sg_io_hdr *io_hdr)
 		io_hdr->host_status, io_hdr->driver_status);
 	if (io_hdr->sb_len_wr > 0) {
 		condlog(0, "- SCSI sense data: ");
-		for (i=0; i<io_hdr->sb_len_wr; i++) {
-			p += snprintf(p, 128*(io_hdr->sb_len_wr-i), "0x%02x ",
+		for (i = 0; i < io_hdr->sb_len_wr && i < 128; i++) {
+			p += snprintf(p, 5*(io_hdr->sb_len_wr-i), "0x%02x ",
 				      io_hdr->sbp[i]);
 		}
 		condlog(0, "%s", buf);
-- 
2.45.0





[Index of Archives]     [DM Crypt]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Packaging]     [Fedora SELinux]     [Yosemite Discussion]     [KDE Users]     [Fedora Docs]

  Powered by Linux