From patchwork Wed Nov 23 07:45:46 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Denis Arefev X-Patchwork-Id: 24757 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:f944:0:0:0:0:0 with SMTP id q4csp2648295wrr; Tue, 22 Nov 2022 23:50:06 -0800 (PST) X-Google-Smtp-Source: AA0mqf7fxlAkcC8yXOENmtn2M/dLgkruFoZEQctJ7iu2EFR6swCaP+fFzyO3kce0RPtFVQCVJFTe X-Received: by 2002:a17:902:e849:b0:186:898a:f33d with SMTP id t9-20020a170902e84900b00186898af33dmr8279175plg.33.1669189806255; Tue, 22 Nov 2022 23:50:06 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1669189806; cv=none; d=google.com; s=arc-20160816; b=N0bhv6WZgm2nh2SPRT9Q38EduA6Lw1H2Mf2KO0CGTUGrHFtSV7wP9T5BwfPcVF06u5 uYOUOedPq65wI8nVWD0PHJ99451J2c0Q6WHEIKuGtrpDtoJSmJiQxLTpbU6YONIlI4bW rSQvG1efxHI8IP6Vmc2fvN/prG8H69XytyUG0ezotwjmxFNmo+p4MvZVqSkJEjDY2wBZ 3/KrKzbnxaHoIH/Zb4fVVrlD60TUdWyQX9eU1s70LfPGVlJ2gVpqVgesbUtLsdW2A3Qw fWRc9UX4lqKjUWfUH19SMW8Ut+OxqczOEHWzKYbsjZqf7FaoaF7nIylw6aj+pHadZVRN H08Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:dkim-signature:from; bh=NyGQuAK8qaIoADlkM2cY8C4CbAnRMBfaC7DAeE7V5QM=; b=rCsHb0hV6ORpAWhP6E7cot5qbIN07EDRCfEFxeL/cjOGpJw8Oc/EVXtHGmR0wRd8rv PO0Ss9olS7VQy44yThjevmizZsYQFevDxzddQGfbrg4wFo8SfJk/hlt7/QM22uSKXKa7 OcsQ0Zse/TwTpxKNNVWIM6gHZQjcS5JcxGttVCHJPwfWggiT7z7XDIokFeI9My9TUlFe oN8dC9v1nZS9kinDY858W04Iie8JI2vbY/S6YMgPVLOfuffYQtpwXCxHUcV77fxU4P9g v6jhjvyivVQF7XVcQuiIQdOtttsozZ7f6QGDNtwvBFVEXQobyMJvSyK0ZVecY2dTNSga oJzw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@swemel.ru header.s=mail header.b=NstPDabF; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=swemel.ru Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id 22-20020a631756000000b00476e7bc209esi654030pgx.641.2022.11.22.23.49.53; Tue, 22 Nov 2022 23:50:06 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@swemel.ru header.s=mail header.b=NstPDabF; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=swemel.ru Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235951AbiKWHqM (ORCPT + 99 others); Wed, 23 Nov 2022 02:46:12 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50738 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235411AbiKWHpv (ORCPT ); Wed, 23 Nov 2022 02:45:51 -0500 Received: from mx.swemel.ru (mx.swemel.ru [95.143.211.150]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B9C78F8849; Tue, 22 Nov 2022 23:45:49 -0800 (PST) From: Denis Arefev DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=swemel.ru; s=mail; t=1669189547; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=NyGQuAK8qaIoADlkM2cY8C4CbAnRMBfaC7DAeE7V5QM=; b=NstPDabF4kgRZAUFh1fBWd3+20zAEWf32RVcthDIrI5oC3RwwwmDUQW+OkEYahOm5b9YBt R/AuEBRng0GSouJ7Xm44jU5UyW7tWpHs+12e1XLlt+tglhwEecp7JwwhKJtZz1WxoQuB9m UVWko0D7OA9wXv0fyhbZvtgt175wcQU= To: Anil Gurumurthy Cc: Sudarsana Kalluru , "James E.J. Bottomley" , "Martin K. Petersen" , linux-scsi@vger.kernel.org, linux-kernel@vger.kernel.org, trufanov@swemel.ru, vfh@swemel.ru Subject: [PATCH] scsi: bfa: Eliminated buffer overflow Date: Wed, 23 Nov 2022 10:45:46 +0300 Message-Id: <20221123074546.30340-1-arefev@swemel.ru> MIME-Version: 1.0 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1750272370582213884?= X-GMAIL-MSGID: =?utf-8?q?1750272370582213884?= Buffer 'cmd->adapter_hwpath' of size 32 accessed at bfad_bsg.c:101:103 can overflow, since its index 'i' can have value 32 that is out of range. Signed-off-by: Denis Arefev --- drivers/scsi/bfa/bfad_bsg.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/scsi/bfa/bfad_bsg.c b/drivers/scsi/bfa/bfad_bsg.c index be8dfbe13e90..78615ffc62ef 100644 --- a/drivers/scsi/bfa/bfad_bsg.c +++ b/drivers/scsi/bfa/bfad_bsg.c @@ -98,9 +98,9 @@ bfad_iocmd_ioc_get_info(struct bfad_s *bfad, void *cmd) /* set adapter hw path */ strcpy(iocmd->adapter_hwpath, bfad->pci_name); - for (i = 0; iocmd->adapter_hwpath[i] != ':' && i < BFA_STRING_32; i++) + for (i = 0; iocmd->adapter_hwpath[i] != ':' && i < BFA_STRING_32-2; i++) ; - for (; iocmd->adapter_hwpath[++i] != ':' && i < BFA_STRING_32; ) + for (; iocmd->adapter_hwpath[++i] != ':' && i < BFA_STRING_32-1; ) ; iocmd->adapter_hwpath[i] = '\0'; iocmd->status = BFA_STATUS_OK;