[Spice-devel] [PATCH spice-gtk v2 20/33] fixup! usb-redir: add files for SCSI and USB MSC implementation

Fri Aug 9 14:26:38 UTC 2019

Do not return negative values from scsi_cdb_length.
The value get written in cbd_len field with is unsigned and
use to represent the used length of a buffer, avoid possible
potential future overflows due to it.
---
 src/cd-scsi.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/cd-scsi.c b/src/cd-scsi.c
index d039e3c4..3c1f0b3e 100644
--- a/src/cd-scsi.c
+++ b/src/cd-scsi.c
@@ -734,9 +734,9 @@ static void strpadcpy(char *buf, int buf_size, const char *str, char pad)
 
 /* SCSI CDB */
 
-static int scsi_cdb_length(const uint8_t *cdb)
+static unsigned int scsi_cdb_length(const uint8_t *cdb)
 {
-    int cdb_len;
+    unsigned int cdb_len;
 
     switch (cdb[0] >> 5) {
     case 0:
@@ -753,7 +753,7 @@ static int scsi_cdb_length(const uint8_t *cdb)
         cdb_len = 12;
         break;
     default:
-        cdb_len = -1;
+        cdb_len = 0;
     }
     return cdb_len;
 }
-- 
2.20.1

