From 0fec02c93f60fb44ba3a24a0d3e4a52521d34d3f Mon Sep 17 00:00:00 2001 From: HighPoint Linux Team Date: Mon, 15 Oct 2007 14:42:52 +0800 Subject: [SCSI] hptiop: avoid buffer overflow when returning sense data The newer firmware may return more than 96 bytes of sense data when it does autosense. Truncate this to the size of the SCSI layer sense buffer to avoid an overrun. Signed-off-by: HighPoint Linux Team Signed-off-by: James Bottomley --- drivers/scsi/hptiop.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/drivers/scsi/hptiop.c b/drivers/scsi/hptiop.c index 8515054cdf7..0844331abb8 100644 --- a/drivers/scsi/hptiop.c +++ b/drivers/scsi/hptiop.c @@ -375,8 +375,9 @@ static void hptiop_host_request_callback(struct hptiop_hba *hba, u32 _tag) scp->result = SAM_STAT_CHECK_CONDITION; memset(&scp->sense_buffer, 0, sizeof(scp->sense_buffer)); - memcpy(&scp->sense_buffer, - &req->sg_list, le32_to_cpu(req->dataxfer_length)); + memcpy(&scp->sense_buffer, &req->sg_list, + min(sizeof(scp->sense_buffer), + le32_to_cpu(req->dataxfer_length))); break; default: -- cgit v1.2.3-18-g5258