upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-02-15 00:34:33 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
opnsense-src/sys/dev/firewire
History
Alan Somers 4195c7de24 Always null-terminate ccb_pathinq.(sim_vid|hba_vid|dev_name) 
The sim_vid, hba_vid, and dev_name fields of struct ccb_pathinq are
fixed-length strings. AFAICT the only place they're read is in
sbin/camcontrol/camcontrol.c, which assumes they'll be null-terminated.
However, the kernel doesn't null-terminate them. A bunch of copy-pasted code
uses strncpy to write them, and doesn't guarantee null-termination. For at
least 4 drivers (mpr, mps, ciss, and hyperv), the hba_vid field actually
overflows. You can see the result by doing "camcontrol negotiate da0 -v".

This change null-terminates those fields everywhere they're set in the
kernel. It also shortens a few strings to ensure they'll fit within the
16-character field.

PR:		215474
Reported by:	Coverity
CID:		1009997 1010000 1010001 1010002 1010003 1010004 1010005
CID:		1331519 1010006 1215097 1010007 1288967 1010008 1306000
CID:		1211924 1010009 1010010 1010011 1010012 1010013 1010014
CID:		1147190 1010017 1010016 1010018 1216435 1010020 1010021
CID:		1010022 1009666 1018185 1010023 1010025 1010026 1010027
CID:		1010028 1010029 1010030 1010031 1010033 1018186 1018187
CID:		1010035 1010036 1010042 1010041 1010040 1010039
Reviewed by:	imp, sephe, slm
MFC after:	4 weeks
Sponsored by:	Spectra Logic Corp
Differential Revision:	https://reviews.freebsd.org/D9037
Differential Revision:	https://reviews.freebsd.org/D9038
2017-01-04 20:26:42 +00:00
..
00README
firewire.c firewire: initialize tag label to -1 in fw_xfer_alloc() 2016-11-24 09:47:56 +00:00
firewire.h
firewire_phy.h
firewirereg.h
fwcrom.c
fwdev.c Remove NULL checks after M_WAITOK allocations from firewire. 2016-05-10 10:21:03 +00:00
fwdma.c Remove NULL checks after M_WAITOK allocations from firewire. 2016-05-10 10:21:03 +00:00
fwdma.h
fwmem.c Remove NULL checks after M_WAITOK allocations from firewire. 2016-05-10 10:21:03 +00:00
fwmem.h
fwohci.c fwohci: report whether PhysicalUpperBound register is implemented 2016-11-24 09:43:42 +00:00
fwohci_pci.c
fwohcireg.h
fwohcivar.h
fwphyreg.h
iec13213.h
iec68113.h
if_fwe.c Remove NULL checks after M_WAITOK allocations from firewire. 2016-05-10 10:21:03 +00:00
if_fwevar.h
if_fwip.c sys/dev: minor spelling fixes. 2016-05-03 03:41:25 +00:00
if_fwipvar.h
sbp.c Always null-terminate ccb_pathinq.(sim_vid|hba_vid|dev_name) 2017-01-04 20:26:42 +00:00
sbp.h
sbp_targ.c Always null-terminate ccb_pathinq.(sim_vid|hba_vid|dev_name) 2017-01-04 20:26:42 +00:00