| Message ID | 20150922123206.GC27407@mwanda (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
Reviewed-by: Manoj Kumar <manoj@linux.vnet.ibm.com> --- Manoj Kumar On 9/22/2015 7:32 AM, Dan Carpenter wrote: > The "> MAX_CONTEXT" should be ">= MAX_CONTEXT". Otherwise we go one > step beyond the end of the cfg->ctx_tbl[] array. > > Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> > > diff --git a/drivers/scsi/cxlflash/superpipe.c b/drivers/scsi/cxlflash/superpipe.c > index f1b62ce..05e0ecf 100644 > --- a/drivers/scsi/cxlflash/superpipe.c > +++ b/drivers/scsi/cxlflash/superpipe.c > @@ -1315,7 +1315,7 @@ static int cxlflash_disk_attach(struct scsi_device *sdev, > } > > ctxid = cxl_process_element(ctx); > - if (unlikely((ctxid > MAX_CONTEXT) || (ctxid < 0))) { > + if (unlikely((ctxid >= MAX_CONTEXT) || (ctxid < 0))) { > dev_err(dev, "%s: ctxid (%d) invalid!\n", __func__, ctxid); > rc = -EPERM; > goto err1; > @@ -1440,7 +1440,7 @@ static int recover_context(struct cxlflash_cfg *cfg, struct ctx_info *ctxi) > } > > ctxid = cxl_process_element(ctx); > - if (unlikely((ctxid > MAX_CONTEXT) || (ctxid < 0))) { > + if (unlikely((ctxid >= MAX_CONTEXT) || (ctxid < 0))) { > dev_err(dev, "%s: ctxid (%d) invalid!\n", __func__, ctxid); > rc = -EPERM; > goto err1; > -- To unsubscribe from this list: send the line "unsubscribe linux-scsi" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
> On Sep 22, 2015, at 7:32 AM, Dan Carpenter <dan.carpenter@oracle.com> wrote: > > The "> MAX_CONTEXT" should be ">= MAX_CONTEXT". Otherwise we go one > step beyond the end of the cfg->ctx_tbl[] array. Acked-by: Matthew R. Ochs <mrochs@linux.vnet.ibm.com> > > Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> > > diff --git a/drivers/scsi/cxlflash/superpipe.c b/drivers/scsi/cxlflash/superpipe.c > index f1b62ce..05e0ecf 100644 > --- a/drivers/scsi/cxlflash/superpipe.c > +++ b/drivers/scsi/cxlflash/superpipe.c > @@ -1315,7 +1315,7 @@ static int cxlflash_disk_attach(struct scsi_device *sdev, > } > > ctxid = cxl_process_element(ctx); > - if (unlikely((ctxid > MAX_CONTEXT) || (ctxid < 0))) { > + if (unlikely((ctxid >= MAX_CONTEXT) || (ctxid < 0))) { > dev_err(dev, "%s: ctxid (%d) invalid!\n", __func__, ctxid); > rc = -EPERM; > goto err1; > @@ -1440,7 +1440,7 @@ static int recover_context(struct cxlflash_cfg *cfg, struct ctx_info *ctxi) > } > > ctxid = cxl_process_element(ctx); > - if (unlikely((ctxid > MAX_CONTEXT) || (ctxid < 0))) { > + if (unlikely((ctxid >= MAX_CONTEXT) || (ctxid < 0))) { > dev_err(dev, "%s: ctxid (%d) invalid!\n", __func__, ctxid); > rc = -EPERM; > goto err1; > -- To unsubscribe from this list: send the line "unsubscribe linux-scsi" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/drivers/scsi/cxlflash/superpipe.c b/drivers/scsi/cxlflash/superpipe.c index f1b62ce..05e0ecf 100644 --- a/drivers/scsi/cxlflash/superpipe.c +++ b/drivers/scsi/cxlflash/superpipe.c @@ -1315,7 +1315,7 @@ static int cxlflash_disk_attach(struct scsi_device *sdev, } ctxid = cxl_process_element(ctx); - if (unlikely((ctxid > MAX_CONTEXT) || (ctxid < 0))) { + if (unlikely((ctxid >= MAX_CONTEXT) || (ctxid < 0))) { dev_err(dev, "%s: ctxid (%d) invalid!\n", __func__, ctxid); rc = -EPERM; goto err1; @@ -1440,7 +1440,7 @@ static int recover_context(struct cxlflash_cfg *cfg, struct ctx_info *ctxi) } ctxid = cxl_process_element(ctx); - if (unlikely((ctxid > MAX_CONTEXT) || (ctxid < 0))) { + if (unlikely((ctxid >= MAX_CONTEXT) || (ctxid < 0))) { dev_err(dev, "%s: ctxid (%d) invalid!\n", __func__, ctxid); rc = -EPERM; goto err1;
The "> MAX_CONTEXT" should be ">= MAX_CONTEXT". Otherwise we go one step beyond the end of the cfg->ctx_tbl[] array. Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> -- To unsubscribe from this list: send the line "unsubscribe linux-scsi" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html