On Sun, Feb 26, 2006 at 08:34:10AM -0600, James Bottomley wrote: > Well, OK, I agree allowing us to request data longer than the actual > buffer is a problem. However, I don't exactly see how this actually > causes corruption, since even the initio bridge only sends 12 bytes of > data, so we should stop with a data underrun at that point (however big > the buffer is) scsi_mode_sense() does memset(buffer, 0, len). You don't need corrupting data to come from device - 10Kb of zeroes into 512-byte kmalloc'ed buffer will do the job just fine... ACKed in that form. - : send the line "unsubscribe linux-scsi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
