[Qemu-devel] [PATCH] scsi: handle the special parameters

qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed

* [Qemu-devel] [PATCH] scsi: handle the special parameters
@ 2018-01-15  4:16 linzhecheng
  2018-01-15  9:29 ` Paolo Bonzini
  0 siblings, 1 reply; 2+ messages in thread
From: linzhecheng @ 2018-01-15  4:16 UTC (permalink / raw)
  To: qemu-devel; +Cc: famz, pbonzini, wangxinxin.wang, linzhecheng

scsi_disk_emulate_command calls
scsi_build_sense(NULL, 0, outbuf, r->buflen,
                                  (req->cmd.buf[1] & 1) == 0);
But scsi_convert_sense doesn't handle the case when in_buf is NULL
or in_len is 0, which will lead to segfault.

Signed-off-by: linzhecheng <linzhecheng@huawei.com>
---
 scsi/utils.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/scsi/utils.c b/scsi/utils.c
index ddae650a99..b769e80c12 100644
--- a/scsi/utils.c
+++ b/scsi/utils.c
@@ -322,6 +322,10 @@ int scsi_convert_sense(uint8_t *in_buf, int in_len,
     SCSISense sense;
     bool fixed_in;
 
+    if (!in_buf || !in_len) {
+        return 0;
+    }
+
     fixed_in = (in_buf[0] & 2) == 0;
     if (in_len && fixed == fixed_in) {
         memcpy(buf, in_buf, MIN(len, in_len));
-- 
2.12.2.windows.2

^ permalink raw reply related	[flat|nested] 2+ messages in thread

* Re: [Qemu-devel] [PATCH] scsi: handle the special parameters
  2018-01-15  4:16 [Qemu-devel] [PATCH] scsi: handle the special parameters linzhecheng
@ 2018-01-15  9:29 ` Paolo Bonzini
  0 siblings, 0 replies; 2+ messages in thread
From: Paolo Bonzini @ 2018-01-15  9:29 UTC (permalink / raw)
  To: linzhecheng, qemu-devel; +Cc: famz, wangxinxin.wang

On 15/01/2018 05:16, linzhecheng wrote:
> scsi_disk_emulate_command calls
> scsi_build_sense(NULL, 0, outbuf, r->buflen,
>                                   (req->cmd.buf[1] & 1) == 0);
> But scsi_convert_sense doesn't handle the case when in_buf is NULL
> or in_len is 0, which will lead to segfault.
> 

This is already fixed in my last pull request.

Paolo

> Signed-off-by: linzhecheng <linzhecheng@huawei.com>
> ---
>  scsi/utils.c | 4 ++++
>  1 file changed, 4 insertions(+)
> 
> diff --git a/scsi/utils.c b/scsi/utils.c
> index ddae650a99..b769e80c12 100644
> --- a/scsi/utils.c
> +++ b/scsi/utils.c
> @@ -322,6 +322,10 @@ int scsi_convert_sense(uint8_t *in_buf, int in_len,
>      SCSISense sense;
>      bool fixed_in;
>  
> +    if (!in_buf || !in_len) {
> +        return 0;
> +    }
> +
>      fixed_in = (in_buf[0] & 2) == 0;
>      if (in_len && fixed == fixed_in) {
>          memcpy(buf, in_buf, MIN(len, in_len));
> 

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2018-01-15  9:29 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2018-01-15  4:16 [Qemu-devel] [PATCH] scsi: handle the special parameters linzhecheng
2018-01-15  9:29 ` Paolo Bonzini

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).