CVS commit: src/sys/dev/scsipi

Sun, 28 Aug 2022 03:26:46 -0700 

Module Name:    src
Committed By:   mlelstv
Date:           Sun Aug 28 10:26:37 UTC 2022

Modified Files:
        src/sys/dev/scsipi: sd.c sdvar.h

Log Message:
Don't fetch data beyond end of inquiry buffer, which, here, is not
NUL-terminated.

Reduce target buffer to needed size (product name + NUL terminator).


To generate a diff of this commit:
cvs rdiff -u -r1.334 -r1.335 src/sys/dev/scsipi/sd.c
cvs rdiff -u -r1.39 -r1.40 src/sys/dev/scsipi/sdvar.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/sys/dev/scsipi/sd.c
diff -u src/sys/dev/scsipi/sd.c:1.334 src/sys/dev/scsipi/sd.c:1.335
--- src/sys/dev/scsipi/sd.c:1.334	Mon Mar 28 12:39:46 2022
+++ src/sys/dev/scsipi/sd.c	Sun Aug 28 10:26:37 2022
@@ -1,4 +1,4 @@
-/*	$NetBSD: sd.c,v 1.334 2022/03/28 12:39:46 riastradh Exp $	*/
+/*	$NetBSD: sd.c,v 1.335 2022/08/28 10:26:37 mlelstv Exp $	*/
 
 /*-
  * Copyright (c) 1998, 2003, 2004 The NetBSD Foundation, Inc.
@@ -47,7 +47,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: sd.c,v 1.334 2022/03/28 12:39:46 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: sd.c,v 1.335 2022/08/28 10:26:37 mlelstv Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_scsi.h"
@@ -258,9 +258,8 @@ sdattach(device_t parent, device_t self,
 	SC_DEBUG(periph, SCSIPI_DB2, ("sdattach: "));
 
 	sd->type = (sa->sa_inqbuf.type & SID_TYPE);
-	strncpy(sd->name, sa->sa_inqbuf.product, sizeof(sd->name));
-
-	strncpy(sd->typename, sa->sa_inqbuf.product, sizeof(sd->typename));
+	memcpy(sd->name, sa->sa_inqbuf.product, uimin(16, sizeof(sd->name)));
+	memcpy(sd->typename, sa->sa_inqbuf.product, uimin(16, sizeof(sd->typename)));
 
 	if (sd->type == T_SIMPLE_DIRECT)
 		periph->periph_quirks |= PQUIRK_ONLYBIG | PQUIRK_NOBIGMODESENSE;

Index: src/sys/dev/scsipi/sdvar.h
diff -u src/sys/dev/scsipi/sdvar.h:1.39 src/sys/dev/scsipi/sdvar.h:1.40
--- src/sys/dev/scsipi/sdvar.h:1.39	Tue Mar 19 06:59:40 2019
+++ src/sys/dev/scsipi/sdvar.h	Sun Aug 28 10:26:37 2022
@@ -1,4 +1,4 @@
-/*	$NetBSD: sdvar.h,v 1.39 2019/03/19 06:59:40 mlelstv Exp $	*/
+/*	$NetBSD: sdvar.h,v 1.40 2022/08/28 10:26:37 mlelstv Exp $	*/
 
 /*-
  * Copyright (c) 1998, 2004 The NetBSD Foundation, Inc.
@@ -88,7 +88,7 @@ struct sd_softc {
 	callout_t sc_callout;
 	u_int8_t type;
 	char name[16]; /* product name, for default disklabel */
-	char typename[128+4+1]; /* stored in disk info */
+	char typename[16+1]; /* stored in disk info */
 };
 
 #define	SDGP_RESULT_OK		0	/* parameters obtained */

Reply via email to