Whilst I mostly like this patch, and it appears to be much cleaner than
the bodgy "solution" I came up with a few years back, perhaps there is
something here worth mentioning:
> + snprintf(devname, sizeof(devname), "%s%d", blkname,
> + DISKUNIT(bd->bd_dev));
> TAILQ_FOREACH(sd, &sc->sc_dis_list, sd_link) {
> - if (!strncmp(sd->sd_meta->ssd_devname, bd->bd_dev,
> + if (!strncmp(sd->sd_meta->ssd_devname, devname,
> sizeof(sd->sd_meta->ssd_devname)))
> break;
> }
The output of snprintf() isn't checked for overflowing. Though I think
the possibility of anything greater than "sd9999999999999" is low,
probably even zero, I'm still of the view that it is not a bad idea to
code defensively.
If the above case was indeed satisfied, you would get the wrong
device. sd1000000000000, missing a zero, for example.
Might be worth something like this:
if(snprintf(devname, sizeof(devname), "%s%d", blkname,
DISKUNIT(bd->bd_dev)) >= sizeof(devname))
/* error */
Something like that perhaps.
(disclaimer: I'm not a dev; I'm not sure if they would consider it
overkill or precaution).
