git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Dan Carpenter <dan.carpenter@linaro.org>
	Wed, 8 May 2024 07:43:04 +0000 (10:43 +0300)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Thu, 30 May 2024 07:48:56 +0000 (09:48 +0200)
commit	a06725cb75110f0c0ae39fb8fb2f7104142224c5
tree	7dd90bd3201f277336264e56c11a833ed319a61d	tree
parent	16e3182f6322575eb7c12e728ad3c7986a189d5d	commit \| diff

nvmet: prevent sprintf() overflow in nvmet_subsys_nsid_exists()

[ Upstream commit d15dcd0f1a4753b57e66c64c8dc2a9779ff96aab ]

The nsid value is a u32 that comes from nvmet_req_find_ns().  It's
endian data and we're on an error path and both of those raise red
flags.  So let's make this safer.

1) Make the buffer large enough for any u32.
2) Remove the unnecessary initialization.
3) Use snprintf() instead of sprintf() for even more safety.
4) The sprintf() function returns the number of bytes printed, not
   counting the NUL terminator. It is impossible for the return value to
   be <= 0 so delete that.

Fixes: 505363957fad ("nvmet: fix nvme status code when namespace is disabled")
Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>
Reviewed-by: Sagi Grimberg <sagi@grimberg.me>
Signed-off-by: Keith Busch <kbusch@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>