Re: [PATCH] scsi: sr: fix oob access in get_capabilities

From: Martin K. Petersen
Date: Wed Mar 15 2017 - 20:08:25 EST


Kefeng Wang <wangkefeng.wang@xxxxxxxxxx> writes:

Kefeng,

> 'n = header_length + block_descriptor_length' could be greater than 512,
> and will lead to oob access, so enlarge transfer buffer to fix it.

Can you share the output of sg_modes -p 0x2a /dev/srN for the offending
drive?

This mode page is usually much smaller than 512 bytes (typically between
32 and 128 bytes).

--
Martin K. Petersen Oracle Linux Engineering
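
Added example, not part of this thread and not the kernel's sr driver code: a bounds check on the offset `n = header_length + block_descriptor_length` before mode page 0x2a is read from a 512-byte buffer. It assumes a MODE SENSE(10) response (8-byte header, block descriptor length in bytes 6-7); the function names and the constructed sample response are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HDR_LEN 8     /* assumed: MODE SENSE(10) parameter header size */
#define BUF_LEN 512   /* transfer buffer size discussed in the thread */

/* Return the offset of mode page `page` in buf, or -1 if the device-reported
 * lengths would put any part of the page outside buf. */
static long find_mode_page(const uint8_t *buf, size_t buflen, uint8_t page)
{
    size_t bd_len, n;

    if (buflen < HDR_LEN)
        return -1;
    bd_len = ((size_t)buf[6] << 8) | buf[7];  /* device-controlled value */
    n = HDR_LEN + bd_len;                     /* header + block descriptors */
    if (n > buflen || buflen - n < 2)         /* 2-byte page header must fit */
        return -1;
    if ((buf[n] & 0x3f) != page)              /* low 6 bits hold the page code */
        return -1;
    if (buflen - n - 2 < (size_t)buf[n + 1])  /* page body must fit as well */
        return -1;
    return (long)n;
}

/* Constructed sample: a 512-byte response whose header claims bd_len. */
static long check_sample(uint16_t bd_len)
{
    uint8_t buf[BUF_LEN];
    size_t n = HDR_LEN + (size_t)bd_len;

    memset(buf, 0, sizeof(buf));
    buf[6] = (uint8_t)(bd_len >> 8);
    buf[7] = (uint8_t)(bd_len & 0xff);
    if (n + 2 <= sizeof(buf)) {               /* place page 0x2a only if it fits */
        buf[n] = 0x2a;
        buf[n + 1] = 0x14;
    }
    return find_mode_page(buf, sizeof(buf), 0x2a);
}

int main(void)
{
    printf("%ld %ld %ld\n", check_sample(8), check_sample(510), check_sample(0xffff));
    return 0;
}
```

The check rejects the response instead of enlarging the buffer, so a device that reports an oversized block descriptor length is refused rather than trusted.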