Re: [PATCH] SCSI: Fix potential out-of-bounds access in drivers/scsi/sd.c

2013-09-08 Thread Hannes Reinecke
On 09/06/2013 06:24 PM, Paolo Bonzini wrote: > Il 06/09/2013 17:49, Alan Stern ha scritto: >> This patch fixes an out-of-bounds error in sd_read_cache_type(), found >> by Google's AddressSanitizer tool. When the loop ends, we know that >> "offset" lies beyond the end of the data in the buffer, so

Re: [PATCH] SCSI: Fix potential out-of-bounds access in drivers/scsi/sd.c

2013-09-06 Thread Paolo Bonzini
Il 06/09/2013 17:49, Alan Stern ha scritto: > This patch fixes an out-of-bounds error in sd_read_cache_type(), found > by Google's AddressSanitizer tool. When the loop ends, we know that > "offset" lies beyond the end of the data in the buffer, so no Caching > mode page was found. In theory it ma

[PATCH] SCSI: Fix potential out-of-bounds access in drivers/scsi/sd.c

2013-09-06 Thread Alan Stern
This patch fixes an out-of-bounds error in sd_read_cache_type(), found by Google's AddressSanitizer tool. When the loop ends, we know that "offset" lies beyond the end of the data in the buffer, so no Caching mode page was found. In theory it may be present, but the buffer size is limited to 512