From: Chen Gang <gang.chen@asianux.com>
Date: Thu, 30 May 2013 02:35:34 +0000 (+0800)
Subject: [IA64] hpsim: Fix check for overlong simscsi prefix.
X-Git-Tag: upstream/snapshot3+hdmi~4806^2~1
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=69cbc0464d87bfa38c0a4fe4d8bb751c1ec8cedf;p=platform%2Fadaptation%2Frenesas_rcar%2Frenesas_kernel.git

[IA64] hpsim: Fix check for overlong simscsi prefix.

When "strlen(s) > MAX_ROOT_LEN", it has already said to use the default
value, but in fact, it still use the input value.

If happens, next sprintf() for 'fname' in simscsi_queuecommand_lck()
may be memory overflow.

Signed-off-by: Chen Gang <gang.chen@asianux.com>
Signed-off-by: Tony Luck <tony.luck@intel.com>
---

diff --git a/arch/ia64/hp/sim/simscsi.c b/arch/ia64/hp/sim/simscsi.c
index 331de72..3a428f1 100644
--- a/arch/ia64/hp/sim/simscsi.c
+++ b/arch/ia64/hp/sim/simscsi.c
@@ -88,8 +88,8 @@ simscsi_setup (char *s)
 	if (strlen(s) > MAX_ROOT_LEN) {
 		printk(KERN_ERR "simscsi_setup: prefix too long---using default %s\n",
 		       simscsi_root);
-	}
-	simscsi_root = s;
+	} else
+		simscsi_root = s;
 	return 1;
 }