projects / GitHub / moto-9609 / android_kernel_motorola_exynos9610.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 32690e0)
scsi: osst: silence underflow warning in osst_verify_frame()
authorDan Carpenter <dan.carpenter@oracle.com>
Fri, 4 Aug 2017 08:17:33 +0000 (11:17 +0300)
committerMartin K. Petersen <martin.petersen@oracle.com>
Fri, 25 Aug 2017 02:29:01 +0000 (22:29 -0400)
The code looks like this:

i = ntohl(aux->filemark_cnt);
if (STp->header_cache != NULL && i < OS_FM_TAB_MAX && (i > STp->filemark_cnt ||
    STp->first_frame_position - 1 != ntohl(STp->header_cache->dat_fm_tab.fm_tab_ent[i]))) {

If i is negative then it's less than OS_FM_TAB_MAX so we read before
the start of the STp->header_cache->dat_fm_tab.fm_tab_ent[] array.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
drivers/scsi/osst.c patch | blob | blame | history

diff --git a/drivers/scsi/osst.c b/drivers/scsi/osst.c
index 241908aca46850c435b05ffa1dfb4840f92c0399..20ec1c01dbd5d1e0595aa41e397b898131f9d255 100644 (file)
--- a/drivers/scsi/osst.c
+++ b/drivers/scsi/osst.c
@@ -619,7 +619,7 @@ static int osst_verify_frame(struct osst_tape * STp, int frame_seq_number, int q
        os_aux_t           * aux  = STp->buffer->aux;
        os_partition_t     * par  = &(aux->partition);
        struct st_partstat * STps = &(STp->ps[STp->partition]);
-       int                  blk_cnt, blk_sz, i;
+       unsigned int         blk_cnt, blk_sz, i;
 
        if (STp->raw) {
                if (STp->buffer->syscall_result) {