scsi: scsi_debug: Fix some bugs in sdebug_error_write() - blaster4385/linux-IllusionX - Linux kernel with personal config changes for arch linux

diff options

author	Dan Carpenter <dan.carpenter@linaro.org>	2023-11-06 17:04:33 +0300
committer	Martin K. Petersen <martin.petersen@oracle.com>	2023-11-08 21:42:26 -0500
commit	860c3d03bbc3f17aef8600662c488f27fd093142 (patch)
tree	f101c4879f5382ec75df12777b95dd37e959e40e /lib/crypto/mpi/mpi-sub-ui.c
parent	27900d7119c464b43cd9eac69c85884d17bae240 (diff)

scsi: scsi_debug: Fix some bugs in sdebug_error_write()

There are two bug in this code: 1) If count is zero, then it will lead to a NULL dereference. The kmalloc() will successfully allocate zero bytes and the test for "if (buf[0] == '-')" will read beyond the end of the zero size buffer and Oops. 2) The code does not ensure that the user's string is properly NUL terminated which could lead to a read overflow. Fixes: a9996d722b11 ("scsi: scsi_debug: Add interface to manage error injection for a single device") Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org> Link: https://lore.kernel.org/r/7733643d-e102-4581-8d29-769472011c97@moroto.mountain Reviewed-by: Wenchao Hao <haowenchao2@huawei.com> Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>

Diffstat (limited to 'lib/crypto/mpi/mpi-sub-ui.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: