> On Jun 7, 2023, at 4:38 AM, Nilesh Javali <njavali@xxxxxxxxxxx> wrote:
>
> From: Quinn Tran <qutran@xxxxxxxxxxx>
>
> Klocwork warning: Buffer Overflow - Array Index Out of Bounds
>
> Driver uses fc_els_flogi to calculate size of buffer.
> The actual buffer is nested inside of fc_els_flogi
> which is smaller.
>
> Replace structure name to allow proper size calculation.
>
> Cc: stable@xxxxxxxxxxxxxxx
> Signed-off-by: Quinn Tran <qutran@xxxxxxxxxxx>
> Signed-off-by: Nilesh Javali <njavali@xxxxxxxxxxx>
> ---
> drivers/scsi/qla2xxx/qla_init.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/scsi/qla2xxx/qla_init.c b/drivers/scsi/qla2xxx/qla_init.c
> index 0df6eae7324e..b0225f6f3221 100644
> --- a/drivers/scsi/qla2xxx/qla_init.c
> +++ b/drivers/scsi/qla2xxx/qla_init.c
> @@ -5549,7 +5549,7 @@ static void qla_get_login_template(scsi_qla_host_t *vha)
> __be32 *q;
>
> memset(ha->init_cb, 0, ha->init_cb_size);
> - sz = min_t(int, sizeof(struct fc_els_flogi), ha->init_cb_size);
> + sz = min_t(int, sizeof(struct fc_els_csp), ha->init_cb_size);
> rval = qla24xx_get_port_login_templ(vha, ha->init_cb_dma,
> ha->init_cb, sz);
> if (rval != QLA_SUCCESS) {
> --
> 2.23.1
>
Reviewed-by: Himanshu Madhani <himanshu.madhani@xxxxxxxxxx>
--
Himanshu Madhani Oracle Linux Engineering
