scsi: libfc: Correct the condition check and invalid argument passed
author Javed Hasan <jhasan@marvell.com>
Thu, 3 Jun 2021 10:14:04 +0000 (03:14 -0700)
committer Martin K. Petersen <martin.petersen@oracle.com>
Thu, 10 Jun 2021 03:55:38 +0000 (23:55 -0400)
Incorrect condition check was leading to data corruption.

Link: https://lore.kernel.org/r/20210603101404.7841-3-jhasan@marvell.com
Fixes: 8fd9efca86d0 ("scsi: libfc: Work around -Warray-bounds warning")
CC: stable@vger.kernel.org
Reviewed-by: Himanshu Madhani <himanshu.madhani@oracle.com>
Signed-off-by: Javed Hasan <jhasan@marvell.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
drivers/scsi/libfc/fc_encode.h

index 602c97a..9ea4cea 100644
@@ -166,9 +166,11 @@ static inline int fc_ct_ns_fill(struct fc_lport *lport,
 static inline void fc_ct_ms_fill_attr(struct fc_fdmi_attr_entry *entry,
                                    const char *in, size_t len)
 {
-       int copied = strscpy(entry->value, in, len);
-       if (copied > 0)
-               memset(entry->value, copied, len - copied);
+       int copied;
+
+       copied = strscpy((char *)&entry->value, in, len);
+       if (copied > 0 && (copied + 1) < len)
+               memset((entry->value + copied + 1), 0, len - copied - 1);
 }
 
 /**
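Review bot: the `copied > 0` test in `if (copied > 0 && (copied + 1) < len)` still skips the zero fill when `in` is an empty string, because strscpy() returns 0 in that case, so bytes 1 through len - 1 of entry->value keep whatever the buffer held before unless the caller zeroed it first. Consider `copied >= 0` (a negative return means truncation, where the buffer is already full and NUL-terminated and needs no padding), or strscpy_pad(), which does the copy and the zero fill in one call. The strscpy() call also takes `(char *)&entry->value` while the memset() on the next line uses `entry->value` directly; a short comment on why the cast is needed would help, and the commit message could say that the old memset() started at entry->value with `copied` as the fill byte, which is what overwrote the string just copied.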