mirrors/scst
1
0
Fork 0
mirror of https://github.com/SCST-project/scst.git synced 2026-05-21 04:31:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Thre is potential buffer overflow in iscsi_session_alloc() due to

Browse Source 
short computation of needed string size.  Notice the "%s@%s" in the first call
to sprintf().

Signed-off-by: David Butterfield <dab21774@gmail.com>



git-svn-id: http://svn.code.sf.net/p/scst/svn/trunk@7110 d57e44dd-8a1f-0410-8b47-8ef2f437770f
This commit is contained in:
Vladislav Bolkhovitin
2017-04-13 23:02:18 +00:00
parent aa6c6a4c2f
commit 2331e8ec33
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
iscsi-scst/kernel/session.c
View File

@@ -65,7 +65,7 @@ static int iscsi_session_alloc(struct iscsi_target *target,
#ifdef CONFIG_SCST_PROC
name = kmalloc(strlen(info->user_name) + strlen(info->initiator_name) +
1, GFP_KERNEL);
2, GFP_KERNEL); /* +1 (for '\0') +1 (for '@') */
if (name == NULL) {
err = -ENOMEM;
goto err;