The patch below does not apply to the 4.17-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to stable@vger.kernel.org.

thanks,

greg k-h

------------------ original commit in Linus's tree ------------------

From 15d258674b5c91b9c1ae11264624d5c0d0675e8f Mon Sep 17 00:00:00 2001

From: Bart Van Assche bart.vanassche@wdc.com Date: Thu, 26 Jul 2018 14:10:37 -0700 Subject: [PATCH] scsi: qedi: Fix a potential buffer overflow

Tell snprintf() to store at most 255 characters in the output buffer instead of 256. This patch avoids that smatch reports the following warning:

drivers/scsi/qedi/qedi_main.c:891: qedi_get_boot_tgt_info() error: snprintf() is printing too much 256 vs 255

Signed-off-by: Bart Van Assche bart.vanassche@wdc.com Cc: QLogic-Storage-Upstream@cavium.com Cc: stable@vger.kernel.org Acked-by: Nilesh Javali nilesh.javali@cavium.com Signed-off-by: Martin K. Petersen martin.petersen@oracle.com

diff --git a/drivers/scsi/qedi/qedi_main.c b/drivers/scsi/qedi/qedi_main.c index 091ec1207bea..cff83b9457f7 100644 --- a/drivers/scsi/qedi/qedi_main.c +++ b/drivers/scsi/qedi/qedi_main.c @@ -888,7 +888,7 @@ static void qedi_get_boot_tgt_info(struct nvm_iscsi_block *block, ipv6_en = !!(block->generic.ctrl_flags & NVM_ISCSI_CFG_GEN_IPV6_ENABLED);

- snprintf(tgt->iscsi_name, NVM_ISCSI_CFG_ISCSI_NAME_MAX_LEN, "%s\n", + snprintf(tgt->iscsi_name, sizeof(tgt->iscsi_name), "%s\n", block->target[index].target_name.byte);

tgt->ipv6_en = ipv6_en;