Re: [patch] [SCSI] mpt3sas: cut and paste bug storing trigger mpi
From: Rolf Eike Beer
Date: Fri Dec 07 2012 - 03:41:47 EST
ioc->diag_trigger_mpi is an SL_WH_MPI_TRIGGERS_T struct.
There is a cut and paste error here and SL_WH_EVENT_TRIGGERS_T is
used
instead of SL_WH_MPI_TRIGGERS_T. Since the SL_WH_EVENT_TRIGGERS_T is
smaller than SL_WH_MPI_TRIGGERS_T, it means we only clear part of the
buffer.
Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
---
Only needed in linux-next.
This is a static analysis patch. Even though I'm pretty sure it's
correct, I'm not able to test it.
diff --git a/drivers/scsi/mpt3sas/mpt3sas_ctl.c
b/drivers/scsi/mpt3sas/mpt3sas_ctl.c
index 8af944d..3e35e64 100644
--- a/drivers/scsi/mpt3sas/mpt3sas_ctl.c
+++ b/drivers/scsi/mpt3sas/mpt3sas_ctl.c
@@ -3136,7 +3136,7 @@ _ctl_diag_trigger_mpi_store(struct device
*cdev,
spin_lock_irqsave(&ioc->diag_trigger_lock, flags);
sz = min(sizeof(struct SL_WH_MPI_TRIGGERS_T), count);
memset(&ioc->diag_trigger_mpi, 0,
- sizeof(struct SL_WH_EVENT_TRIGGERS_T));
+ sizeof(struct SL_WH_MPI_TRIGGERS_T));
memcpy(&ioc->diag_trigger_mpi, buf, sz);
if (ioc->diag_trigger_mpi.ValidEntries > NUM_VALID_ENTRIES)
ioc->diag_trigger_mpi.ValidEntries = NUM_VALID_ENTRIES;
Then just use sizeof(ioc->diag_trigger_mpi), then it's irrelevant how
that type is ever called.
Eike
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/