|
@@ -0,0 +1,17 @@
|
|
|
+Subject: Check amount of data read from network before using it
|
|
|
+Origin: aoetools-36-2-ge50247f <https://github.com/OpenAoE/aoetools/commit/aoetools-36-2-ge50247f>
|
|
|
+Upstream-Author: Ed Cashin <ed.cashin@acm.org>
|
|
|
+Date: Tue Jun 16 21:10:15 2015 -0400
|
|
|
+
|
|
|
+--- a/aoeping.c
|
|
|
++++ b/aoeping.c
|
|
|
+@@ -359,6 +359,9 @@
|
|
|
+ }
|
|
|
+ n = aoe_pkt_read(buf, sizeof buf, c, tag);
|
|
|
+ p = (Ata *) buf;
|
|
|
++ /* We're expecting the AoE and ATA header plus 512 bytes of SMART */
|
|
|
++ if (n < 512 + (&p->data[0] - (uchar *) p))
|
|
|
++ exit(EXIT_FAILURE);
|
|
|
+ if (show_smart_regs(p) != 0)
|
|
|
+ exit(EXIT_FAILURE);
|
|
|
+ if (s->data & SmartDataRet) {
|