[SCSI] Fix range check in scsi_host_dif_capable()

The range checking from fe542396 was bad. We would still end up walking beyond the array as Type 3 is defined to be 4 in the protection bitmask. Instead use ARRAY_SIZE() for the range check. Reported-by: N Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: N Martin K. Petersen <martin.petersen@oracle.com> Signed-off-by: N James Bottomley <JBottomley@Parallels.com>

[SCSI] Fix range check in scsi_host_dif_capable()
The range checking from fe542396 was bad. We would still end up walking beyond the array as Type 3 is defined to be 4 in the protection bitmask. Instead use ARRAY_SIZE() for the range check. Reported-by: N Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: N Martin K. Petersen <martin.petersen@oracle.com> Signed-off-by: N James Bottomley <JBottomley@Parallels.com>
4d24834d · Martin K. Petersen · James Bottomley · 9d2696e6 · 4d24834d
隐藏空白更改
内联并排

Showing with 2 addition and 2 deletion

include/scsi/scsi_host.h include/scsi/scsi_host.h +2 -2

未找到文件。
--- a/include/scsi/scsi_host.h
+++ b/include/scsi/scsi_host.h
@@ -873,7 +873,7 @@ static inline unsigned int scsi_host_dif_capable(struct Scsi_Host *shost, unsign
 				       SHOST_DIF_TYPE2_PROTECTION,
 				       SHOST_DIF_TYPE3_PROTECTION };
-	if (target_type > SHOST_DIF_TYPE3_PROTECTION)
+	if (target_type >= ARRAY_SIZE(cap))
 		return 0;
 	return shost->prot_capabilities & cap[target_type] ? target_type : 0;
@@ -887,7 +887,7 @@ static inline unsigned int scsi_host_dix_capable(struct Scsi_Host *shost, unsign
 				       SHOST_DIX_TYPE2_PROTECTION,
 				       SHOST_DIX_TYPE3_PROTECTION };
-	if (target_type > SHOST_DIX_TYPE3_PROTECTION)
+	if (target_type >= ARRAY_SIZE(cap))
 		return 0;
 	return shost->prot_capabilities & cap[target_type];