On Wed, 2018-06-27 at 05:14 -0700, Nilesh Javali wrote:
> There is potential buffer overflow while getting the target
> name from the NVRAM. Correct the size of the buffer to avoid
> overflow.
>
> Signed-off-by: Nilesh Javali <nilesh.javali@xxxxxxxxxx>
> ---
> drivers/scsi/qedi/qedi_iscsi.h | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/scsi/qedi/qedi_iscsi.h b/drivers/scsi/qedi/qedi_iscsi.h
> index 1126077..d690330 100644
> --- a/drivers/scsi/qedi/qedi_iscsi.h
> +++ b/drivers/scsi/qedi/qedi_iscsi.h
> @@ -225,7 +225,7 @@ struct qedi_work_map {
>
> struct qedi_boot_target {
> char ip_addr[64];
> - char iscsi_name[255];
> + char iscsi_name[256];
> u32 ipv6_en;
> };
Has the number 256 perhaps been derived from the following paragraph
in the iSCSI spec? If so, please mention this in the patch description.
>From https://tools.ietf.org/html/rfc3720:
If not otherwise specified, the maximum length of a simple-value (not
its encoded representation) is 255 bytes, not including the delimiter
(comma or zero byte).
Thanks,
Bart.
