Patch "scsi: qla2xxx: Array index may go out of bound" has been added to the 5.15-stable tree

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This is a note to let you know that I've just added the patch titled

    scsi: qla2xxx: Array index may go out of bound

to the 5.15-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     scsi-qla2xxx-array-index-may-go-out-of-bound.patch
and it can be found in the queue-5.15 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.


>From d721b591b95cf3f290f8a7cbe90aa2ee0368388d Mon Sep 17 00:00:00 2001
From: Nilesh Javali <njavali@xxxxxxxxxxx>
Date: Wed, 7 Jun 2023 17:08:36 +0530
Subject: scsi: qla2xxx: Array index may go out of bound

From: Nilesh Javali <njavali@xxxxxxxxxxx>

commit d721b591b95cf3f290f8a7cbe90aa2ee0368388d upstream.

Klocwork reports array 'vha->host_str' of size 16 may use index value(s)
16..19.  Use snprintf() instead of sprintf().

Cc: stable@xxxxxxxxxxxxxxx
Co-developed-by: Bikash Hazarika <bhazarika@xxxxxxxxxxx>
Signed-off-by: Bikash Hazarika <bhazarika@xxxxxxxxxxx>
Signed-off-by: Nilesh Javali <njavali@xxxxxxxxxxx>
Link: https://lore.kernel.org/r/20230607113843.37185-2-njavali@xxxxxxxxxxx
Reviewed-by: Himanshu Madhani <himanshu.madhani@xxxxxxxxxx>
Signed-off-by: Martin K. Petersen <martin.petersen@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
 drivers/scsi/qla2xxx/qla_os.c |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

--- a/drivers/scsi/qla2xxx/qla_os.c
+++ b/drivers/scsi/qla2xxx/qla_os.c
@@ -5042,7 +5042,8 @@ struct scsi_qla_host *qla2x00_create_hos
 	}
 	INIT_DELAYED_WORK(&vha->scan.scan_work, qla_scan_work_fn);
 
-	sprintf(vha->host_str, "%s_%lu", QLA2XXX_DRIVER_NAME, vha->host_no);
+	snprintf(vha->host_str, sizeof(vha->host_str), "%s_%lu",
+		 QLA2XXX_DRIVER_NAME, vha->host_no);
 	ql_dbg(ql_dbg_init, vha, 0x0041,
 	    "Allocated the host=%p hw=%p vha=%p dev_name=%s",
 	    vha->host, vha->hw, vha,


Patches currently in stable-queue which might be from njavali@xxxxxxxxxxx are

queue-5.15/scsi-qla2xxx-fix-potential-null-pointer-dereference.patch
queue-5.15/scsi-qla2xxx-correct-the-index-of-array.patch
queue-5.15/scsi-qla2xxx-fix-buffer-overrun.patch
queue-5.15/scsi-qla2xxx-array-index-may-go-out-of-bound.patch
queue-5.15/scsi-qla2xxx-wait-for-io-return-on-terminate-rport.patch
queue-5.15/scsi-qla2xxx-pointer-may-be-dereferenced.patch
queue-5.15/scsi-qla2xxx-remove-unused-nvme_ls_waitq-wait-queue.patch
queue-5.15/scsi-qla2xxx-avoid-fcport-pointer-dereference.patch
queue-5.15/scsi-qla2xxx-check-valid-rport-returned-by-fc_bsg_to_rport.patch



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux