[dm-devel] [PATCH 05/21] libmultipath (coverity): improve input checking in parse_vpd_pg83
Martin Wilck
mwilck at suse.com
Tue Nov 30 21:59:18 UTC 2021
On Tue, 2021-11-30 at 15:14 -0600, Benjamin Marzinski wrote:
> >
> > If you think we should use a different strategy, please explain.
> > We *could* try to go on even after encountering broken designators,
> > assuming the length field is correct if it's within the given
> > limits,
> > even if the rest is bogus. So baiscally instead of the break
> > statement
> > above, we'd continue the loop.
> >
> > Would you prefer that?
>
> Again looking at sg_inq, it will loop through all the descriptors,
> trusting the length field, until it gets to the whole data length. It
> prints a warning if it doesn't end up at exactly the data length, but
> still exports all the IDs it finds. If an individual descriptor
> doesn't
> make sense, it gets skipped. That would be my preference.
Ok, I'll try to fix it up.
Martin
More information about the dm-devel
mailing list