On Wed, 2017-03-08 at 21:29 +0530, Kashyap Desai wrote: > Also one more fault I can generate using below sg_raw command - > > "sg_raw -r 32k /dev/sdx 28 00 01 4f ff ff 00 00 08 00" > > Provide more scsi data length compare to actual SG buffer. Do you suggest > such SG_IO interface vulnerability is good to be captured in driver.
That's not a vulnerability of the SG I/O interface. A SCSI device has to set the residual count correctly if the SCSI data length does not match the size of the data buffer. Bart.
