[Bug 264848] mpr0: mpr_user_pass_thru: user reply buffer (64) smaller than returned buffer (68)
Date: Wed, 22 Feb 2023 16:29:53 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=264848

--- Comment #7 from Alan Somers <asomers@FreeBSD.org> ---
Mark's guess is incorrect. I'm seeing this issue too, and msg_version is in fact 2.5. I can't find anywhere in the code that sizes a buffer based on msg_version. In fact, I can't find anywhere that even sets the MsgLength field, so I'm guessing that it gets set by the firmware.

Unless somebody has accurate documentation for how the firmware handles MPI2_FUNCTION_IOC_FACTS, I think we should just unconditionally allocate sufficient space in mprutil for the larger reply. And we should do the same in mpr_get_iocfacts as well.

BTW, this is the commit that originally added an extra four bytes to the reply buffer.
https://github.com/freebsd/freebsd-src/commit/69e85eb8ae4919e0806bc2957cbc4a33f9138b54

--
You are receiving this mail because:
You are the assignee for the bug.