Re: [PATCH} SCSI: fix new bug in scsi_dev_info_list string matching

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

>>>>> "Alan" == Alan Stern <stern@xxxxxxxxxxxxxxxxxxx> writes:

Alan> Commit b704f70ce200 ("SCSI: fix bug in scsi_dev_info_list
Alan> matching") changed the way vendor- and model-string matching was
Alan> carried out in the routine that looks up entries in a SCSI devinfo
Alan> list.  The new matching code failed to take into account the case
Alan> of a maximum-length string; in such cases it could end up testing
Alan> for a terminating '\0' byte beyond the end of the memory allocated
Alan> to the string.  This out-of-bounds bug was detected by UBSAN.

Applied to 4.7/scsi-fixes.

-- 
Martin K. Petersen	Oracle Linux Engineering
--
To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [SCSI Target Devel]     [Linux SCSI Target Infrastructure]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Linux IIO]     [Samba]     [Device Mapper]
  Powered by Linux