Re: [PATCH] ch: Do not read past the end of vendor_labels[]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 2020-06-29 11:33, Arnd Bergmann wrote:
> On Mon, Jun 29, 2020 at 6:11 PM Bart Van Assche <bvanassche@xxxxxxx> wrote:
>> diff --git a/drivers/scsi/ch.c b/drivers/scsi/ch.c
>> index b81b397366db..b675a01380eb 100644
>> --- a/drivers/scsi/ch.c
>> +++ b/drivers/scsi/ch.c
>> @@ -651,19 +651,23 @@ static long ch_ioctl(struct file *file,
>>                 memset(&vparams,0,sizeof(vparams));
>>                 if (ch->counts[CHET_V1]) {
>>                         vparams.cvp_n1  = ch->counts[CHET_V1];
>> -                       memcpy(vparams.cvp_label1,vendor_labels[0],16);
>> +                       strncpy(vparams.cvp_label1, vendor_labels[0],
>> +                               ARRAY_SIZE(vparams.cvp_label1));
>>                 }
> 
> Against which tree is this? I see in mainline the correct
> 
>       strncpy(vparams.cvp_label1,vendor_labels[0],16);
> 
> rather than the broken memcpy. If this was changed recently to the
> broken version, maybe send a revert, or add a "Fixes" tag?

Hi Arnd,

Thanks for having taken a look. This patch applies to Martin's for-next
branch. The most recent ch patch I found in Linus' master branch is "ch:
remove ch_mutex()" from February 2020. I haven't found any more recent
ch patches in the linux-next/master branch either. Have I perhaps been
looking at the wrong repository or the wrong branch?

Thanks,

Bart.




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [SCSI Target Devel]     [Linux SCSI Target Infrastructure]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Linux IIO]     [Samba]     [Device Mapper]

  Powered by Linux