current-users: Re: sys/dev/scsipi/scsipi

Subject: Re: sys/dev/scsipi/scsipi_base.c
To: Paul Goyette <paul@whooppee.com>
From: Bill Stouder-Studenmund <wrstuden@netbsd.org>
List: current-users
Date: 01/09/2008 22:10:01
--tEFtbjk+mNEviIIX
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sun, Jan 06, 2008 at 06:08:43AM -0800, Paul Goyette wrote:
> On Sun, 6 Jan 2008, John Nemeth wrote:
>=20
> >On May 29,  5:30am, David Laight wrote:
> >} On Sun, Jan 06, 2008 at 03:41:49AM -0700, John R. Shannon wrote:
> >} > Line 1124 has:
> >} >
> >} > memcpy(inqbuf->vendor, "ADAPTEC ACB-4000            ", 28);
> >} >
> >} > and line 1144 has:
> >} >
> >} > memcpy(inqbuf->vendor, "EMULEX  MT-02 QIC           ", 28);
> >} >
> >} > yet inqbuf->vendor is declared in struct scsipi_inquiry_data as:
> >} >
> >} > char    vendor[8];
> >}
> >} and is followed by:
> >}   char    product[16];
> >}   char    revision[4];
> >} so the memcpy updates all 3 fields :-)
> >
> >    That is extremely grotty code!
>=20
> Shouldn't we at least replace the constant 28 with a macro that gives a=
=20
> hint of what's going on?

Yes.

This also would help w/ smb's comment about cscope'ing variables. When you=
=20
see the definitio below, it'll let a reader know s/he needs to add=20
INQBUF_TRIPLET_SIZE to the search list.

> #define INQBUF_TRIPLET_SIZE (sizeof(inqbuf->vendor) + \
>                              sizeof(inqbuf->product) + \
>                              sizeof(inqbuf->revision))
>=20
> It's still going to be grotty code, and won't address the issue of a=20
> "perverse introduction of gratuitous padding" mentioned in another=20
> message in this thread, but at least a reader would have some idea that=
=20
> the constant used in the memcpy() has some "interesting" implications.

The thing is that if the padding changes, the whole SCSI INQUIRY=20
processing code fails. This structure represents data sent on the wire by=
=20
SCSI (and ATAPI I gather) commands. Mess the padding up, and the operation=
=20
explodes.

Explodes. :-)

So we're more than safe in trusting that it works.

Take care,

Bill

--tEFtbjk+mNEviIIX
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (NetBSD)

iD8DBQFHhba5Wz+3JHUci9cRAkcpAJ9VLwnseSYaav1GEmtifWHdcRmZRACfYYVU
42ZjOuu9NVGffCHS4cZJrfc=
=hYOr
-----END PGP SIGNATURE-----

--tEFtbjk+mNEviIIX--