[PATCH] scsi: fcoe: sanity check string size for store_ctrl_mode option

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



From: Colin Ian King <colin.king@xxxxxxxxxxxxx>

Reading and writing to mode[count - 1] implies the count should not
be less than 1 so add a sanity check for this.

Detected with CoverityScan, CID#1357345 ("Overflowed array index write")

Signed-off-by: Colin Ian King <colin.king@xxxxxxxxxxxxx>
---
 drivers/scsi/fcoe/fcoe_sysfs.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/scsi/fcoe/fcoe_sysfs.c b/drivers/scsi/fcoe/fcoe_sysfs.c
index 9cf3d56296ab..e298240c728c 100644
--- a/drivers/scsi/fcoe/fcoe_sysfs.c
+++ b/drivers/scsi/fcoe/fcoe_sysfs.c
@@ -288,7 +288,7 @@ static ssize_t store_ctlr_mode(struct device *dev,
 	struct fcoe_ctlr_device *ctlr = dev_to_ctlr(dev);
 	char mode[FCOE_MAX_MODENAME_LEN + 1];
 
-	if (count > FCOE_MAX_MODENAME_LEN)
+	if (count < 1 || count > FCOE_MAX_MODENAME_LEN)
 		return -EINVAL;
 
 	strncpy(mode, buf, count);
-- 
2.11.0

--
To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Kernel Development]     [Kernel Announce]     [Kernel Newbies]     [Linux Networking Development]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Device Mapper]

  Powered by Linux