[1894] in linux-scsi channel archive
is this a bug ?
daemon@ATHENA.MIT.EDU (Michel LESPINASSE)
Sun May 18 09:06:21 1997
Date: Sun, 18 May 1997 15:04:21 +0200 (CEST)
From: Michel LESPINASSE <walken@via.ecp.fr>
To: linux-scsi@vger.rutgers.edu
I don't know a lot about the linux scsi drivers code, and I was trying to
get some idea about the workings of the generic scsi code in my 2.0.30
kernel. I saw something strange in drivers/scsi/scsi_ioctl.c, around line
200, and I think it is a bug, but then, I may be wrong, too :)

    result = verify_area(VERIFY_READ, cmd_in,
        cmdlen + inlen > MAX_BUF ? MAX_BUF : inlen);
    if (result) return result;
    memcpy_fromfs ((void *) cmd, cmd_in, cmdlen);
    memcpy_fromfs ((void *) buf,
        (void *) (cmd_in + cmdlen),
        inlen);

I think the verify_area line should read :

    result = verify_area(VERIFY_READ, cmd_in,
        cmdlen+inlen > MAX_BUF ? MAX_BUF : cmdlen+inlen);
                                           ^^^^^^^

Michel "Walken" LESPINASSE - Student at Ecole Centrale Paris (France)
www Email : walken@via.ecp.fr
(o o) VideoLan project : http://videolan.via.ecp.fr/
------oOO--(_)--OOo-------------------------------------------------------
Any sufficiently advanced bug is indistinguishable from a feature.
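
Added example, not part of the original post or of the kernel source: a user-space C model of the check discussed in the message above. It compares the length handed to verify_area by the quoted code and by the proposed line against the cmdlen + inlen bytes that the two memcpy_fromfs calls read. The MAX_BUF value, the address range and all helper names are assumptions made for illustration, and the model only covers the case where cmdlen + inlen does not exceed MAX_BUF.

```c
#include <stdio.h>

#define MAX_BUF    4096         /* assumed value; the post does not quote it */
#define USER_START 0x1000UL     /* constructed: start of one mapped user region */
#define USER_END   0x2000UL     /* constructed: first address past that region */

/* Model of verify_area(VERIFY_READ, ...): 0 if [addr, addr+size) is mapped. */
static int verify_area_model(unsigned long addr, unsigned long size)
{
    if (addr < USER_START || addr > USER_END || size > USER_END - addr)
        return -14;             /* -EFAULT */
    return 0;
}

/* Length expression as quoted from scsi_ioctl.c in the post. */
static unsigned long len_original(unsigned long cmdlen, unsigned long inlen)
{
    return cmdlen + inlen > MAX_BUF ? MAX_BUF : inlen;
}

/* Length expression proposed in the post. */
static unsigned long len_proposed(unsigned long cmdlen, unsigned long inlen)
{
    return cmdlen + inlen > MAX_BUF ? MAX_BUF : cmdlen + inlen;
}

/* Bytes read by the two copies that fall outside the mapped region although
 * the check with length `checked` passed; -1 if the check rejected the call. */
static long unverified_bytes(unsigned long cmd_in, unsigned long checked,
                             unsigned long cmdlen, unsigned long inlen)
{
    unsigned long end = cmd_in + cmdlen + inlen;   /* one past last byte read */
    if (verify_area_model(cmd_in, checked) != 0)
        return -1;
    return end > USER_END ? (long)(end - USER_END) : 0;
}

int main(void)
{
    /* Constructed case: 6-byte command plus 10 data bytes, placed so that
     * only the first 10 bytes lie inside the mapped region. */
    unsigned long cmdlen = 6, inlen = 10, cmd_in = USER_END - 10;
    unsigned long lo = len_original(cmdlen, inlen);
    unsigned long lp = len_proposed(cmdlen, inlen);
    printf("original: %ld\n", unverified_bytes(cmd_in, lo, cmdlen, inlen));
    printf("proposed: %ld\n", unverified_bytes(cmd_in, lp, cmdlen, inlen));
    return 0;
}
```

In the constructed case the original expression checks 10 bytes and lets 6 bytes past the end of the region be read, while the proposed expression checks all 16 and the call is rejected.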