target: Fix missing length check in spc_emulate_evpd_83()

Commit fbfe858f ("target_core_spc: Include target device descriptor in VPD page 83") added a new length variable, but (due to a cut and paste mistake?) just checks scsi_name_len against 256 twice. Fix this to check scsi_target_len for overflow too. Signed-off-by: N Roland Dreier <roland@purestorage.com> Signed-off-by: N Nicholas Bellinger <nab@linux-iscsi.org>

target: Fix missing length check in spc_emulate_evpd_83()
Commit fbfe858f ("target_core_spc: Include target device descriptor in VPD page 83") added a new length variable, but (due to a cut and paste mistake?) just checks scsi_name_len against 256 twice. Fix this to check scsi_target_len for overflow too. Signed-off-by: N Roland Dreier <roland@purestorage.com> Signed-off-by: N Nicholas Bellinger <nab@linux-iscsi.org>
6a16d7be · Roland Dreier · Nicholas Bellinger · 2d15025a · 6a16d7be
隐藏空白更改
内联并排

Showing with 2 addition and 2 deletion

drivers/target/target_core_spc.c drivers/target/target_core_spc.c +2 -2

未找到文件。
--- a/drivers/target/target_core_spc.c
+++ b/drivers/target/target_core_spc.c
@@ -440,8 +440,8 @@ spc_emulate_evpd_83(struct se_cmd *cmd, unsigned char *buf)
 		padding = ((-scsi_target_len) & 3);
 		if (padding)
 			scsi_target_len += padding;
-		if (scsi_name_len > 256)
-			scsi_name_len = 256;
+		if (scsi_target_len > 256)
+			scsi_target_len = 256;

 		buf[off-1] = scsi_target_len;
 		off += scsi_target_len;