Please note that patch 0004 is completely bogus and broken. The patch only serves to illustrate where the crash bug in TGTD is for spc_mode_sense() and should not be applied. (the bug still needs to be addressed though)
Please apply patches 0001 - 0003 though. On Fri, May 2, 2008 at 2:06 PM, ronnie sahlberg <[EMAIL PROTECTED]> wrote: > Please find attached a few smallish patches, > > 0001: Fix a "length too small by one" bug in mode sense 10. > > 0002 : we dont need to specify these mode pages in the mmc example > since they are set by default when the lun is initialized > > 0003 : add the modepage for MM capabilities (this mode page was what > discovered the bug below) > > 0004: this fixes a serious crash bug in spc_mode_sense. the bug is > triggered when an initiator is specifying a small alloc_len but the > modepage is big. > This causes the memcpy() in build_mode_page() overwrite other vital > memory and tgtd crashes. > I tried to address it for modesense10 only. The same bug still > exists for the modesense6 path. > Please if someone more comfortable than I can look at the issue and > do a better/more correct patch for this. > This is a pretty important bug to fix. > > > regards > ronnie sahlberg > _______________________________________________ Stgt-devel mailing list [email protected] https://lists.berlios.de/mailman/listinfo/stgt-devel
