linux/drivers/target/iscsi at fea9037ebedd7f0b0ef56239efe9857fcfed4e21 - linux - sys114

shinys000114/linux

mirror of https://github.com/hardkernel/linux.git synced 2026-04-14 17:40:41 +09:00

Files

History

Roland Dreier d5c55fa31a iscsi-target: Fix wrong buffer / buffer overrun in iscsi_change_param_value()

commit 79d59d0808 upstream.

In non-leading connection login, iscsi_login_non_zero_tsih_s1() calls
iscsi_change_param_value() with the buffer it uses to hold the login
PDU, not a temporary buffer.  This leads to the login header getting
corrupted and login failing for non-leading connections in MC/S.

Fix this by adding a wrapper iscsi_change_param_sprintf() that handles
the temporary buffer itself to avoid confusion.  Also handle sending a
reject in case of failure in the wrapper, which lets the calling code
get quite a bit smaller and easier to read.

Finally, bump the size of the temporary buffer from 32 to 64 bytes to be
safe, since "MaxRecvDataSegmentLength=" by itself is 25 bytes; with a
trailing NUL, a value >= 1M will lead to a buffer overrun.  (This isn't
the default but we don't need to run right at the ragged edge here)

(Fix up context changes for v3.10.y - nab)

Reported-by: Santosh Kulkarni <santosh.kulkarni@calsoftinc.com>
Signed-off-by: Roland Dreier <roland@purestorage.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

2014-06-16 13:42:53 -07:00

..

iscsi_target_auth.c

iscsi-target: chap auth shouldn't match username with trailing garbage

2013-12-04 10:56:15 -08:00

iscsi_target_auth.h

iscsi-target: Add iSCSI fabric support for target v4.1

2011-07-26 09:16:43 +00:00

iscsi_target_configfs.c

iscsi-target: Fix mutex_trylock usage in iscsit_increment_maxcmdsn

2013-12-04 10:56:14 -08:00

iscsi_target_configfs.h

iscsi-target: Add iSCSI fabric support for target v4.1

2011-07-26 09:16:43 +00:00

iscsi_target_core.h

Target/iscsi,iser: Avoid accepting transport connections during stop stage

2014-06-16 13:42:53 -07:00

iscsi_target_datain_values.c

target/iscsi: Eliminate iscsi_cmd.data_length

2012-04-14 17:40:38 -07:00

iscsi_target_datain_values.h

iscsi-target: Add iSCSI fabric support for target v4.1

2011-07-26 09:16:43 +00:00

iscsi_target_device.c

iscsi-target: Fix mutex_trylock usage in iscsit_increment_maxcmdsn

2013-12-04 10:56:14 -08:00

iscsi_target_device.h

target/iscsi: Remove unneeded wrapper functions

2012-02-25 14:37:47 -08:00

iscsi_target_erl0.c

iscsi-target: Fix iscsit_add_reject* usage for iser

2013-08-04 16:51:17 +08:00

iscsi_target_erl0.h

iscsi-target: Add iSCSI fabric support for target v4.1

2011-07-26 09:16:43 +00:00

iscsi_target_erl1.c

iscsi-target: Fix iscsit_sequence_cmd reject handling for iser

2013-08-04 16:51:17 +08:00

iscsi_target_erl1.h

iscsit: use the itt_t abstract type

2012-10-03 14:21:50 -07:00

iscsi_target_erl2.c

iscsi/iser-target: Use list_del_init for ->i_conn_node

2014-03-23 21:38:21 -07:00

iscsi_target_erl2.h

iscsit: proper endianess conversions

2012-10-03 14:39:22 -07:00

iscsi_target_login.c

iscsi-target: Fix wrong buffer / buffer overrun in iscsi_change_param_value()

2014-06-16 13:42:53 -07:00

iscsi_target_login.h

iscsi-target: Initial traditional TCP conversion to iscsit_transport

2013-04-25 01:05:26 -07:00

iscsi_target_nego.c

iscsi-target: fix extract_param to handle buffer length corner case

2013-12-04 10:56:15 -08:00

iscsi_target_nego.h

iscsi-target: Initial traditional TCP conversion to iscsit_transport

2013-04-25 01:05:26 -07:00

iscsi_target_nodeattrib.c

iscsi-target: remove improper externs

2012-03-17 18:07:04 -07:00

iscsi_target_nodeattrib.h

iscsi-target: Add iSCSI fabric support for target v4.1

2011-07-26 09:16:43 +00:00

iscsi_target_parameters.c

iscsi-target: fix heap buffer overflow on error

2013-05-30 18:07:54 -07:00

iscsi_target_parameters.h

iscsi-target: fix heap buffer overflow on error

2013-05-30 18:07:54 -07:00

iscsi_target_seq_pdu_list.c

iscsi-target: Change iscsi_target_seq_pdu_list.c to honor MaxXmitDataSegmentLength

2012-10-02 13:17:33 -07:00

iscsi_target_seq_pdu_list.h

target/iscsi: Fold _decide_list_to_build into _build_pdu_and_seq_lists

2012-04-14 17:40:38 -07:00

iscsi_target_stat.c

target: don't truncate the fail intr address

2013-02-13 11:27:58 -08:00

iscsi_target_stat.h

iscsi-target: Add iSCSI fabric support for target v4.1

2011-07-26 09:16:43 +00:00

iscsi_target_tmr.c

iscsi-target: Refactor TX queue logic + export response PDU creation

2013-04-25 01:05:27 -07:00

iscsi_target_tmr.h

iscsi-target: Add iSCSI fabric support for target v4.1

2011-07-26 09:16:43 +00:00

iscsi_target_tpg.c

iser-target: Fix multi network portal shutdown regression

2014-06-16 13:42:53 -07:00

iscsi_target_tpg.h

iscsi-target: Add iSCSI fabric support for target v4.1

2011-07-26 09:16:43 +00:00

iscsi_target_tq.c

iscsi-target: Use list_first_entry() where appropriate

2012-11-06 20:55:45 -08:00

iscsi_target_tq.h

iscsit: mark various functions static

2012-10-02 14:41:59 -07:00

iscsi_target_transport.c

iscsi-target: Add iscsit_transport API template

2013-04-25 01:05:26 -07:00

iscsi_target_util.c

iscsi-target: Only perform wait_for_tasks when performing shutdown

2013-10-13 16:08:34 -07:00

iscsi_target_util.h

iscsi-target: Fix iscsit_sequence_cmd reject handling for iser

2013-08-04 16:51:17 +08:00

iscsi_target.c

iser-target: Fix multi network portal shutdown regression

2014-06-16 13:42:53 -07:00

iscsi_target.h

iscsi-target: Fix iscsit_add_reject* usage for iser

2013-08-04 16:51:17 +08:00

Kconfig

target: iscsi_target depends on NET

2011-07-28 20:16:18 +00:00

Makefile

iscsi-target: Add iscsit_transport API template

2013-04-25 01:05:26 -07:00