packages/sysmaster
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
sysmaster/backport-fix-devmaster-fix-potential-integer-overflow-in-scsi.patch

29 lines
925 B
Diff
Raw Permalink Normal View History

sync patches from upstream
2023-12-07 00:19:38 +08:00
From f57218f2439ec7f0920af7f9e446ce3449944c7c Mon Sep 17 00:00:00 2001
From: chenjiayi <chenjiayi22@huawei.com>
Date: Thu, 2 Nov 2023 19:47:28 +0800
Subject: [PATCH 022/103] fix(devmaster): fix potential integer overflow in
scsi_id
The buffer is a u8 vector, whose element may overflow if it add 4
before changing type to usize.
---
exts/devmaster/src/bin/tools/scsi_id/main.rs | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/exts/devmaster/src/bin/tools/scsi_id/main.rs b/exts/devmaster/src/bin/tools/scsi_id/main.rs
index 8098c8bf..0e621cd3 100644
--- a/exts/devmaster/src/bin/tools/scsi_id/main.rs
+++ b/exts/devmaster/src/bin/tools/scsi_id/main.rs
@@ -1158,7 +1158,7 @@ fn do_scsi_page80_inquiry(
return 1;
}
- let len: usize = (buffer[3] + 4) as usize;
+ let len: usize = buffer[3] as usize + 4;
if get_serial {
dev_scsi.serial = "S".to_string();
--
2.33.0
Reference in New Issue Copy Permalink