scsi: qla2xxx: Fix a Coverity complaint in qla2100_fw_dump()
authorBart Van Assche <bvanassche@acm.org>
Mon, 29 Jun 2020 22:54:52 +0000 (15:54 -0700)
committerMartin K. Petersen <martin.petersen@oracle.com>
Wed, 1 Jul 2020 03:12:23 +0000 (23:12 -0400)
commit57fec9f24e580d8fe4219ee89572f49758e62c75
tree490e74f31ad904043809f8e282371647f1d64c2a
parentf8f12bda53eae87ca2dea42b36d19e48c9851b9f
scsi: qla2xxx: Fix a Coverity complaint in qla2100_fw_dump()

'cnt' can exceed the size of the risc_ram[] array. Prevent that Coverity
complains by rewriting an address calculation expression. This patch fixes
the following Coverity complaint:

CID 337803 (#1 of 1): Out-of-bounds read (OVERRUN)
109. overrun-local: Overrunning array of 122880 bytes at byte offset 122880
by dereferencing pointer &fw->risc_ram[cnt].

Link: https://lore.kernel.org/r/20200629225454.22863-8-bvanassche@acm.org
Cc: Nilesh Javali <njavali@marvell.com>
Cc: Quinn Tran <qutran@marvell.com>
Cc: Himanshu Madhani <himanshu.madhani@oracle.com>
Cc: Martin Wilck <mwilck@suse.com>
Cc: Roman Bolshakov <r.bolshakov@yadro.com>
Reviewed-by: Daniel Wagner <dwagner@suse.de>
Reviewed-by: Himanshu Madhani <himanshu.madhani@oracle.com>
Signed-off-by: Bart Van Assche <bvanassche@acm.org>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
drivers/scsi/qla2xxx/qla_dbg.c
drivers/scsi/qla2xxx/qla_dbg.h