mirrors/scst
1
0
Fork 0
mirror of https://github.com/SCST-project/scst.git synced 2026-05-19 03:31:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

isert: Don't overwrite userspace if insufficient buffer is provided

Browse Source 
Signed-off-by: Yan Burman <yanb@mellanox.com>


git-svn-id: http://svn.code.sf.net/p/scst/svn/trunk@6460 d57e44dd-8a1f-0410-8b47-8ef2f437770f
This commit is contained in:
Bart Van Assche
2015-08-03 18:46:16 +00:00
parent e5e54f312b
commit 9105e9cf5d
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
iscsi-scst/kernel/isert-scst/isert_login.c
View File

@@ -333,6 +333,7 @@ static ssize_t isert_listen_read(struct file *filp, char __user *buf,
struct isert_conn_dev *conn_dev;
int res = 0;
char k_buff[sizeof("/dev/") + sizeof(ISER_CONN_DEV_PREFIX) + 3 + 1];
size_t to_write;
TRACE_ENTRY();
@@ -357,8 +358,9 @@ wait_for_connection:
list_move(&conn_dev->conn_list_entry, &dev->curr_conn_list);
spin_unlock(&dev->conn_lock);
res = snprintf(k_buff, sizeof(k_buff), "/dev/"ISER_CONN_DEV_PREFIX"%d",
conn_dev->idx);
to_write = min_t(size_t, sizeof(k_buff), count);
res = scnprintf(k_buff, to_write, "/dev/"ISER_CONN_DEV_PREFIX"%d",
conn_dev->idx);
++res; /* copy trailing \0 as well */
if (unlikely(copy_to_user(buf, k_buff, res)))