On Thu, Dec 17, Andrea Parri (Microsoft) wrote: > Check that the packet is of the expected size at least, don't copy data > past the packet. > + if (hv_pkt_datalen(desc) < sizeof(struct vstor_packet) - > + stor_device->vmscsi_size_delta) { > + dev_err(&device->device, "Invalid packet len\n"); > + continue; > + } > + Sorry for being late: It might be just cosmetic, but should this check be done prior the call to vmbus_request_addr()? Unrelated: my copy of vmbus_request_addr() can return 0, which is apparently not handled by this loop in storvsc_on_channel_callback(). Olaf
Attachment:
signature.asc
Description: PGP signature