On Fri, Jun 19, 2015 at 07:13:47AM +, Seymour, Shane M wrote:
With a size of 48 while it won't overflow since you're using snprintf the
string with a maximum value in %d:
echo -n cmd 2147483647 RESET FAILED, new lockup detected |wc -c
48
I actually just chose 48 because it was
: Thursday, June 18, 2015 11:36 PM
To: Dan Carpenter
Cc: James E.J. Bottomley; ISS StorageDev; dl Team ESD Storage Dev Support;
linux-scsi@vger.kernel.org; kernel-janit...@vger.kernel.org
Subject: RE: [patch] hpsa: fix an sprintf() overflow in the reset handler
-Original Message-
From: Dan
-Original Message-
From: Dan Carpenter [mailto:dan.carpen...@oracle.com]
Sent: Thursday, June 04, 2015 9:48 AM
To: Don Brace
Cc: James E.J. Bottomley; iss_storage...@hp.com; dl Team ESD Storage Dev
Support; linux-scsi@vger.kernel.org; kernel-janit...@vger.kernel.org
Subject: [patch]
: Re: [patch] hpsa: fix an sprintf() overflow in the reset handler
Am 04.06.2015 16:47, schrieb Dan Carpenter:
The string cmd %d RESET FAILED, new lockup detected is not quite
large enough so the sprintf() will overflow. I have increased the size
of the buffer and also changed the sprintf
Am 04.06.2015 16:47, schrieb Dan Carpenter:
The string cmd %d RESET FAILED, new lockup detected is not quite
large enough so the sprintf() will overflow. I have increased the size
of the buffer and also changed the sprintf calls to snprintf.
Fixes: 73153fe533bc ('hpsa: use block layer tag
5 matches
Mail list logo
