Web lists-archives.com

[BUG] scsi: ses: out of bound accessing in ses_enclosure_data_process




Dear all

When our customer probe the lpfc devices, they encountered odd memory corruption issues,
and we get 'out of bound' access warning at following position after open KASAN

ses_enclosure_data_process

for (i = 0; i < types; i++, type_ptr += 4) {
  for (j = 0; j < type_ptr[1]; j++) {
                   ^^^^^^^^^^^
                   out of bound

With some debug log, I got following,

page1 ffff88042d1aad20 len 32 types 5 type_ptr ffff88042d1aad64

Would anyone please give some suggestions on this ?

Thanks
Jianchao