UBSAN: Undefined behaviour in drivers/scsi/megaraid/megaraid_sas_fp.c:117:32

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

UBSAN: Undefined behaviour in drivers/scsi/megaraid/megaraid_sas_fp.c:117:32
index 255 is out of range for type 'MR_LD_SPAN_MAP [1]'

This commit 51087a8617fe (megaraid_sas : Extended VD support) defined those,

struct MR_FW_RAID_MAP {
  u8 ldTgtIdToLd[MAX_RAIDMAP_LOGICAL_DRIVES+\
                 MAX_RAIDMAP_VIEWS];
  struct MR_LD_SPAN_MAP  ldSpanMap[1];

struct MR_FW_RAID_MAP_ALL {
  struct MR_FW_RAID_MAP raidMap;

struct MR_LD_RAID *MR_LdRaidGet(u32 ld, struct MR_DRV_RAID_MAP_ALL *map)
  return &map->raidMap.ldSpanMap[ld].ldRaid;

Then, there are several paths could trigger that undefined behavior due to
out-of-bound access.

mr_update_load_balance_params
  for (ldCount = 0; ldCount < MAX_LOGICAL_DRIVES_EXT;\
       ldCount++;
    ld = MR_TargetIdToLdGet(ldCount, drv_map);
    raid = MR_LdRaidGet(ld, drv_map)

megasas_build_io_fusion
  megasas_build_ld_nonrw_fusion
    ld = MR_TargetIdToLdGet(device_id, local_map_ptr);
    raid = MR_LdRaidGet(ld, local_map_ptr);

Any clue?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [SCSI Target Devel]     [Linux SCSI Target Infrastructure]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Linux IIO]     [Samba]     [Device Mapper]

  Powered by Linux