From 46ea5bdb456b86eb95510af48b58bcbebeb55479 Mon Sep 17 00:00:00 2001 From: wangxiaomeng Date: Fri, 8 Jul 2022 09:34:38 +0800 Subject: [PATCH 1/4] sg_ses: fix crash when 'm LEN' < 252 --- 0006-sg_ses-fix-crash-when-m-LEN-252.patch | 55 ++++++++++++++++++++++ sg3_utils.spec | 9 +++- 2 files changed, 62 insertions(+), 2 deletions(-) create mode 100644 0006-sg_ses-fix-crash-when-m-LEN-252.patch diff --git a/0006-sg_ses-fix-crash-when-m-LEN-252.patch b/0006-sg_ses-fix-crash-when-m-LEN-252.patch new file mode 100644 index 0000000..323a144 --- /dev/null +++ b/0006-sg_ses-fix-crash-when-m-LEN-252.patch @@ -0,0 +1,55 @@ +From f907fa08f9b74f9145d54b8c7595bf0d8d4951ae Mon Sep 17 00:00:00 2001 +From: wangxiaomeng +Date: Thu, 7 Jul 2022 17:26:34 +0800 +Subject: [PATCH] sg_ses: fix crash when 'm LEN' < 252 + +--- + src/sg_ses.c | 13 +++++++------ + 1 file changed, 7 insertions(+), 6 deletions(-) + +diff --git a/src/sg_ses.c b/src/sg_ses.c +index cf344b7..dbbde63 100644 +--- a/src/sg_ses.c ++++ b/src/sg_ses.c +@@ -5523,7 +5523,7 @@ int + main(int argc, char * argv[]) + { + bool have_cgs = false; +- int k, d_len, res, resid, vb; ++ int k, n, d_len, res, resid, vb; + int sg_fd = -1; + int pd_type = 0; + int ret = 0; +@@ -5757,15 +5757,16 @@ main(int argc, char * argv[]) + } + } + clear_scsi_pt_obj(ptvp); +- memset(enc_stat_rsp, 0, 4096); ++ memset(enc_stat_rsp, 0, enc_stat_rsp_sz); + } + #endif + + if (ptvp) { +- ret = sg_ll_request_sense_pt(ptvp, false, enc_stat_rsp, +- REQUEST_SENSE_RESP_SZ, ! op->quiet, vb); ++ n = (enc_stat_rsp_sz < REQUEST_SENSE_RESP_SZ) ? enc_stat_rsp_sz : REQUEST_SENSE_RESP_SZ; ++ ret = sg_ll_request_sense_pt(ptvp, false, enc_stat_rsp, n, ++ ! op->quiet, vb); + if (0 == ret) { +- int sense_len = REQUEST_SENSE_RESP_SZ - get_scsi_pt_resid(ptvp); ++ int sense_len = n - get_scsi_pt_resid(ptvp); + struct sg_scsi_sense_hdr ssh; + + if ((sense_len > 7) && sg_scsi_normalize_sense(enc_stat_rsp, +@@ -5794,7 +5795,7 @@ main(int argc, char * argv[]) + " problems ahead\n", ret); + } + clear_scsi_pt_obj(ptvp); +- memset(enc_stat_rsp, 0, REQUEST_SENSE_RESP_SZ); ++ memset(enc_stat_rsp, 0, enc_stat_rsp_sz); + } + + if (op->nickname_str) +-- +2.27.0 + diff --git a/sg3_utils.spec b/sg3_utils.spec index 4f28d65..c8ac421 100644 --- a/sg3_utils.spec +++ b/sg3_utils.spec @@ -1,6 +1,6 @@ Name: sg3_utils Version: 1.45 -Release: 7 +Release: 8 Summary: Utilities that send SCSI commands to devices. License: GPL-2.0-or-later AND BSD URL: http://sg.danny.cz/sg/sg3_utils.html @@ -10,8 +10,10 @@ Patch0: 0000-sg3_utils-1.37-rescan-scsi-findremapped-enhance.patch Patch1: 0001-sg3_utils-1.37-rescan-downpress.patch Patch2: 0002-bugfix-sg3_utils-fix-syntax-error.patch Patch3: 0003-sg3_utils-1.42-delete-lun-rescan-scsi-bus-report-error.patch -Patch4: 0004-sg3_utils-fix-memset-coredump.patch +# Do not apply patch0004 to fix sg_ses -m LEN <252 coredump +##Patch4: 0004-sg3_utils-fix-memset-coredump.patch Patch5: 0005-sg3_utils-rescan-scsi-bus-list-all-LUNs-in-one-line.patch +Patch6: 0006-sg_ses-fix-crash-when-m-LEN-252.patch Provides: %{name}-libs Obsoletes: %{name}-libs @@ -75,6 +77,9 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/*.la %{_mandir}/man8/* %changelog +* Sat Jul 8 2022 wangxiaomeng - 1.45-8 +- Delete patch0004, and fix crash when 'm LEN' < 252 + * Sat Jan 29 2022 Zhiqiang Liu - 1.45-7 - rescan scsi bus list all LUNs in one line -- Gitee From 2e146175058e68b471621caca1dcc6a1c184321f Mon Sep 17 00:00:00 2001 From: wangxiaomeng Date: Fri, 8 Jul 2022 10:19:06 +0800 Subject: [PATCH 2/4] modify changelog time in spec --- sg3_utils.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sg3_utils.spec b/sg3_utils.spec index c8ac421..a9f309d 100644 --- a/sg3_utils.spec +++ b/sg3_utils.spec @@ -77,7 +77,7 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/*.la %{_mandir}/man8/* %changelog -* Sat Jul 8 2022 wangxiaomeng - 1.45-8 +* Fri Jul 8 2022 wangxiaomeng - 1.45-8 - Delete patch0004, and fix crash when 'm LEN' < 252 * Sat Jan 29 2022 Zhiqiang Liu - 1.45-7 -- Gitee From 2b56c64beef0e8e153ca809d0f7c973135cb888a Mon Sep 17 00:00:00 2001 From: wangxiaomeng Date: Fri, 8 Jul 2022 14:32:28 +0800 Subject: [PATCH 3/4] backport patch for sg_ses coredump --- 0006-sg_ses-fix-crash-when-m-LEN-252.patch | 39 +++++++++++++++++----- 1 file changed, 30 insertions(+), 9 deletions(-) diff --git a/0006-sg_ses-fix-crash-when-m-LEN-252.patch b/0006-sg_ses-fix-crash-when-m-LEN-252.patch index 323a144..ee9de42 100644 --- a/0006-sg_ses-fix-crash-when-m-LEN-252.patch +++ b/0006-sg_ses-fix-crash-when-m-LEN-252.patch @@ -1,14 +1,34 @@ -From f907fa08f9b74f9145d54b8c7595bf0d8d4951ae Mon Sep 17 00:00:00 2001 -From: wangxiaomeng -Date: Thu, 7 Jul 2022 17:26:34 +0800 +From bfbefdf2d9aa12107d08d796d6fc78862ab85402 Mon Sep 17 00:00:00 2001 +From: Douglas Gilbert +Date: Sun, 1 Aug 2021 03:14:05 +0000 Subject: [PATCH] sg_ses: fix crash when 'm LEN' < 252 +git-svn-id: https://svn.bingwo.ca/repos/sg3_utils/trunk@907 6180dd3e-e324-4e3e-922d-17de1ae2f315 --- - src/sg_ses.c | 13 +++++++------ - 1 file changed, 7 insertions(+), 6 deletions(-) + ChangeLog | 3 +- + src/sg_ses.c | 14 +++++++------ + 2 files changed, 10 insertions(+), 7 deletions(-) +diff --git a/ChangeLog b/ChangeLog +index 742619c..9477769 100644 +--- a/ChangeLog ++++ b/ChangeLog +@@ -2,11 +2,12 @@ Each utility has its own version number, date of last change and + some description at the top of its ".c" file. All utilities in the main + directory have their own "man" pages. There is also a sg3_utils man page. + +-Changelog for pre-release sg3_utils-1.47 [20210729] [svn: r906] ++Changelog for pre-release sg3_utils-1.47 [20210731] [svn: r907] + - sg_rep_zones: add support for REPORT ZONE DOMAINS and + REPORT REALMS in this utility + - sg_raw: fix prints of NVMe NVM command names + - sg_ses: fix Windows problem "No command (cdb) given" ++ - fix crash when 'm LEN' < 252 + - sg_logs: additions to Volume statistics lpage [ssc5r05c] + - sg_vpd: fix do_hex type on some recent pages + - sg_read_buffer: fix --length= problem diff --git a/src/sg_ses.c b/src/sg_ses.c -index cf344b7..dbbde63 100644 +index b9ac2e4..701359b 100644 --- a/src/sg_ses.c +++ b/src/sg_ses.c @@ -5523,7 +5523,7 @@ int @@ -20,7 +40,7 @@ index cf344b7..dbbde63 100644 int sg_fd = -1; int pd_type = 0; int ret = 0; -@@ -5757,15 +5757,16 @@ main(int argc, char * argv[]) +@@ -5757,15 +5757,17 @@ main(int argc, char * argv[]) } } clear_scsi_pt_obj(ptvp); @@ -32,7 +52,8 @@ index cf344b7..dbbde63 100644 if (ptvp) { - ret = sg_ll_request_sense_pt(ptvp, false, enc_stat_rsp, - REQUEST_SENSE_RESP_SZ, ! op->quiet, vb); -+ n = (enc_stat_rsp_sz < REQUEST_SENSE_RESP_SZ) ? enc_stat_rsp_sz : REQUEST_SENSE_RESP_SZ; ++ n = (enc_stat_rsp_sz < REQUEST_SENSE_RESP_SZ) ? enc_stat_rsp_sz : ++ REQUEST_SENSE_RESP_SZ; + ret = sg_ll_request_sense_pt(ptvp, false, enc_stat_rsp, n, + ! op->quiet, vb); if (0 == ret) { @@ -41,7 +62,7 @@ index cf344b7..dbbde63 100644 struct sg_scsi_sense_hdr ssh; if ((sense_len > 7) && sg_scsi_normalize_sense(enc_stat_rsp, -@@ -5794,7 +5795,7 @@ main(int argc, char * argv[]) +@@ -5801,7 +5825,7 @@ main(int argc, char * argv[]) " problems ahead\n", ret); } clear_scsi_pt_obj(ptvp); -- Gitee From 472a4b21b8d6df1c74bb7be70fe799d8669c3ff6 Mon Sep 17 00:00:00 2001 From: wangxiaomeng Date: Fri, 8 Jul 2022 14:57:44 +0800 Subject: [PATCH 4/4] backport patch for sg_ses coredump --- 0006-sg_ses-fix-crash-when-m-LEN-252.patch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/0006-sg_ses-fix-crash-when-m-LEN-252.patch b/0006-sg_ses-fix-crash-when-m-LEN-252.patch index ee9de42..a106d89 100644 --- a/0006-sg_ses-fix-crash-when-m-LEN-252.patch +++ b/0006-sg_ses-fix-crash-when-m-LEN-252.patch @@ -62,7 +62,7 @@ index b9ac2e4..701359b 100644 struct sg_scsi_sense_hdr ssh; if ((sense_len > 7) && sg_scsi_normalize_sense(enc_stat_rsp, -@@ -5801,7 +5825,7 @@ main(int argc, char * argv[]) +@@ -5794,7 +5796,7 @@ main(int argc, char * argv[]) " problems ahead\n", ret); } clear_scsi_pt_obj(ptvp); -- Gitee