On Mon, 2007-11-12 at 00:24 +0100, Jesper Juhl wrote: > From: Jesper Juhl <jesper.juhl@xxxxxxxxx> > > in sas_get_phy_change_count(), the line > disc_resp = alloc_smp_resp(DISCOVER_RESP_SIZE); > will allocate 56 bytes due to this define: > #define DISCOVER_RESP_SIZE 56 > But, the struct is actually 60 bytes in size. > > So change the define to be > #define DISCOVER_RESP_SIZE sizeof(struct smp_resp) > so we always get the correct size even when people > fiddle with the structure. > > This change also fixes the same problem in > sas_get_phy_attached_sas_addr() > > (Found by the Coverity checker. Compile tested only) Well, your fix is definitely wrong. Could you explain the problem a little more? The discover response SMP frame is 56 bytes as mandated by the standard. I don't see anywhere in the code where we're actually using a value beyond the 56th byte ... where is the problem use? James - To unsubscribe from this list: send the line "unsubscribe linux-scsi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
