scsi: scsi_devinfo: handle non-terminated strings

author Martin Wilck <mwilck@suse.com>

Mon, 27 Nov 2017 22:47:34 +0000 (23:47 +0100)

committer Martin K. Petersen <martin.petersen@oracle.com>

Tue, 5 Dec 2017 02:54:28 +0000 (21:54 -0500)
author Martin Wilck <mwilck@suse.com>
Mon, 27 Nov 2017 22:47:34 +0000 (23:47 +0100)
committer Martin K. Petersen <martin.petersen@oracle.com>
Tue, 5 Dec 2017 02:54:28 +0000 (21:54 -0500)
diff --git a/drivers/scsi/scsi_devinfo.c b/drivers/scsi/scsi_devinfo.c

index 78d4aa8..b256d4c 100644 (file)
--- a/drivers/scsi/scsi_devinfo.c
+++ b/drivers/scsi/scsi_devinfo.c
@@ -458,7 +458,8 @@ static struct scsi_dev_info_list *scsi_dev_info_list_find(const char *vendor,
                         /*
                          * vendor strings must be an exact match
                          */
-                       if (vmax != strlen(devinfo->vendor) ||
+                       if (vmax != strnlen(devinfo->vendor,
+                                           sizeof(devinfo->vendor)) ||
                             memcmp(devinfo->vendor, vskip, vmax))
                                 continue;
  
@@ -466,7 +467,7 @@ static struct scsi_dev_info_list *scsi_dev_info_list_find(const char *vendor,
                          * @model specifies the full string, and
                          * must be larger or equal to devinfo->model
                          */
-                       mlen = strlen(devinfo->model);
+                       mlen = strnlen(devinfo->model, sizeof(devinfo->model));
                         if (mmax < mlen || memcmp(devinfo->model, mskip, mlen))
                                 continue;
                         return devinfo;
author	Martin Wilck <mwilck@suse.com>
	Mon, 27 Nov 2017 22:47:34 +0000 (23:47 +0100)
committer	Martin K. Petersen <martin.petersen@oracle.com>
	Tue, 5 Dec 2017 02:54:28 +0000 (21:54 -0500)