[SCSI] qla4xxx: Fix memory corruption issue in qla4xxx_ep_connect.
In qla4xxx_ep_connect(), qla_ep->dst_addr and dst_addr are type
struct sockaddr. We are copying sizeof(struct sockaddr_in6) bytes
from dst_addr to qla_ep->dst_addr which is 12 bytes larger. This
will cause memory corruption. So we change qla_ep->dst_addr to
struct sockaddr_storage which is of 128 byte, large enough to
hold sizeof(struct sockaddr_in6).
Signed-off-by: Manish Rangankar <manish.rangankar@qlogic.com>
Signed-off-by: Vikas Chaudhary <vikas.chaudhary@qlogic.com>
Reviewed-by: Mike Christie <michaelc@cs.wisc.edu>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
diff --git a/drivers/scsi/qla4xxx/ql4_mbx.c b/drivers/scsi/qla4xxx/ql4_mbx.c
index cab8f66..23a10ea 100644
--- a/drivers/scsi/qla4xxx/ql4_mbx.c
+++ b/drivers/scsi/qla4xxx/ql4_mbx.c
@@ -1695,7 +1695,7 @@
conn = cls_conn->dd_data;
qla_conn = conn->dd_data;
sess = conn->session;
- dst_addr = &qla_conn->qla_ep->dst_addr;
+ dst_addr = (struct sockaddr *)&qla_conn->qla_ep->dst_addr;
if (dst_addr->sa_family == AF_INET6)
options |= IPV6_DEFAULT_DDB_ENTRY;