Re: [patch] nvme: lightnvm: buffer overflow in nvme_nvm_identity()
From: Matias BjÃrling
Date: Tue Jan 26 2016 - 04:57:08 EST
On 01/26/2016 10:27 AM, Dan Carpenter wrote:
> nvme_nvm_id->ppaf is 4 bytes larger than nvm_id->ppaf. We're using the
> larger size struct for the sizeof() so we end up corrupting the
> first four bytes of nvm_id->groups[]. It doesn't look like we actually
> want to copy those last bytes anyway.
>
Thanks, Dan. You are right. The four bytes are overwritten afterwards
and hid the issue.