forked from Minki/linux
42c335f7e6
When copying attributes, the len argument was padded out and the resulting memcpy() would copy beyond the end of the source buffer. Avoid this, and use size_t for val_len to avoid all the casts. Similarly, avoid source buffer casts and use void *. Additionally enforces val_len can be represented by u16 and that the DMA buffer was not overflowed. Fixes the size of mfa, which is not FC_FDMI_PORT_ATTR_MAXFRAMESIZE_LEN (but it will be padded up to 4). This was noticed by the future CONFIG_FORTIFY_SOURCE checks. Cc: Daniel Micay <danielmicay@gmail.com> Signed-off-by: Kees Cook <keescook@chromium.org> Acked-by: Varun Prakash <varun@chelsio.com> Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com> |
||
---|---|---|
.. | ||
csio_attr.c | ||
csio_defs.h | ||
csio_hw_chip.h | ||
csio_hw_t5.c | ||
csio_hw.c | ||
csio_hw.h | ||
csio_init.c | ||
csio_init.h | ||
csio_isr.c | ||
csio_lnode.c | ||
csio_lnode.h | ||
csio_mb.c | ||
csio_mb.h | ||
csio_rnode.c | ||
csio_rnode.h | ||
csio_scsi.c | ||
csio_scsi.h | ||
csio_wr.c | ||
csio_wr.h | ||
Kconfig | ||
Makefile | ||
t4fw_api_stor.h |