On Wed, 2018-06-27 at 05:14 -0700, Nilesh Javali wrote: > There is potential buffer overflow while getting the target > name from the NVRAM. Correct the size of the buffer to avoid > overflow. > > Signed-off-by: Nilesh Javali <[email protected]> > --- > drivers/scsi/qedi/qedi_iscsi.h | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/scsi/qedi/qedi_iscsi.h b/drivers/scsi/qedi/qedi_iscsi.h > index 1126077..d690330 100644 > --- a/drivers/scsi/qedi/qedi_iscsi.h > +++ b/drivers/scsi/qedi/qedi_iscsi.h > @@ -225,7 +225,7 @@ struct qedi_work_map { > > struct qedi_boot_target { > char ip_addr[64]; > - char iscsi_name[255]; > + char iscsi_name[256]; > u32 ipv6_en; > };
Has the number 256 perhaps been derived from the following paragraph in the iSCSI spec? If so, please mention this in the patch description. From https://tools.ietf.org/html/rfc3720: If not otherwise specified, the maximum length of a simple-value (not its encoded representation) is 255 bytes, not including the delimiter (comma or zero byte). Thanks, Bart.
