From 8eec83cc104e102dda74d3416e55a327bc9f234b Mon Sep 17 00:00:00 2001 From: Tomas Bzatek Date: Thu, 27 Jan 2022 18:33:58 +0100 Subject: [PATCH] * Thu Jan 27 2022 Tomas Bzatek - 1.47-7 - Fix sg_inq parsing in rescan-scsi-bus.sh (#2036005,#2035362) - Fix rescan-scsi-bus.sh summary print (#2035382) - sg_readcap --zbc man page switch fix (#2036718) - Various Covscan fixes (#2044433) Resolves: #2036005,#2035362,#2035382,#2036718,#2044433 --- rescan-scsi-bus_printf.patch | 45 + rescan-scsi-bus_sg_inq-parse.patch | 27 + sg3_utils-1.48-covscan_fixes.patch | 1131 +++++++++++++++++ sg3_utils-1.48-initialize_sense_buffers.patch | 798 ++++++++++++ sg3_utils.spec | 23 +- sg_readcap-man.patch | 25 + 6 files changed, 2048 insertions(+), 1 deletion(-) create mode 100644 rescan-scsi-bus_printf.patch create mode 100644 rescan-scsi-bus_sg_inq-parse.patch create mode 100644 sg3_utils-1.48-covscan_fixes.patch create mode 100644 sg3_utils-1.48-initialize_sense_buffers.patch create mode 100644 sg_readcap-man.patch diff --git a/rescan-scsi-bus_printf.patch b/rescan-scsi-bus_printf.patch new file mode 100644 index 0000000..f32b462 --- /dev/null +++ b/rescan-scsi-bus_printf.patch @@ -0,0 +1,45 @@ +From ae6618a9573e7519f6e5c3ea02b7be865dd456d7 Mon Sep 17 00:00:00 2001 +From: Tomas Bzatek +Date: Mon, 17 Jan 2022 13:54:04 +0100 +Subject: [PATCH] rescan-scsi-bus: Do not use printf for summary + +A string containing escape sequences can only be supplied +to `printf` as the first argument. As there's no format involved +in the summary string, just use `echo -e` to process the escaped +sequences. + +Fixes the following phenomenon: + +1 new or changed device(s) found. +\t[1:0:0:0]\n0 remapped or resized device(s) found. +0 device(s) removed. +--- + scripts/rescan-scsi-bus.sh | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/scripts/rescan-scsi-bus.sh b/scripts/rescan-scsi-bus.sh +index 23eff3b..5d5d63b 100755 +--- a/scripts/rescan-scsi-bus.sh ++++ b/scripts/rescan-scsi-bus.sh +@@ -1384,15 +1384,15 @@ fi + + echo "$found new or changed device(s) found. " + if [ ! -z "$FOUNDDEVS" ] ; then +- printf "%s" "$FOUNDDEVS" ++ echo -e "$FOUNDDEVS" + fi + echo "$updated remapped or resized device(s) found." + if [ ! -z "$CHGDEVS" ] ; then +- printf "%s" "$CHGDEVS" ++ echo -e "$CHGDEVS" + fi + echo "$rmvd device(s) removed. " + if [ ! -z "$RMVDDEVS" ] ; then +- printf "%s" "$RMVDDEVS" ++ echo -e "$RMVDDEVS" + fi + + # Local Variables: +-- +2.34.1 + diff --git a/rescan-scsi-bus_sg_inq-parse.patch b/rescan-scsi-bus_sg_inq-parse.patch new file mode 100644 index 0000000..6b4b2d3 --- /dev/null +++ b/rescan-scsi-bus_sg_inq-parse.patch @@ -0,0 +1,27 @@ +From 80b570a1f890d2912418f7698213dfca40443fa1 Mon Sep 17 00:00:00 2001 +From: "Nitin U. Yewale" +Date: Mon, 3 Jan 2022 13:12:12 +0530 +Subject: [PATCH] fix crash with rescan-scsi-bus.sh -r + +--- + scripts/rescan-scsi-bus.sh | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/scripts/rescan-scsi-bus.sh b/scripts/rescan-scsi-bus.sh +index 46fe6c0..e34ea35 100755 +--- a/scripts/rescan-scsi-bus.sh ++++ b/scripts/rescan-scsi-bus.sh +@@ -307,7 +307,13 @@ testonline () + IPREV=$(echo "$INQ" | grep 'Product revision level:' | sed 's/^[^:]*: \(.*\)$/\1/') + STR=$(printf " Vendor: %-08s Model: %-16s Rev: %-4s" "$IVEND" "$IPROD" "$IPREV") + IPTYPE=$(echo "$INQ" | sed -n 's/.* Device_type=\([0-9]*\) .*/\1/p') ++ if [ -z "$IPTYPE" ]; then ++ IPTYPE=$(echo "$INQ" | sed -n 's/.* PDT=\([0-9]*\) .*/\1/p') ++ fi + IPQUAL=$(echo "$INQ" | sed -n 's/ *PQual=\([0-9]*\) Device.*/\1/p') ++ if [ -z "$IPQUAL" ] ; then ++ IPQUAL=$(echo "$INQ" | sed -n 's/ *PQual=\([0-9]*\) PDT.*/\1/p') ++ fi + if [ "$IPQUAL" != 0 ] ; then + [ -z "$IPQUAL" ] && IPQUAL=3 + [ -z "$IPTYPE" ] && IPTYPE=31 diff --git a/sg3_utils-1.48-covscan_fixes.patch b/sg3_utils-1.48-covscan_fixes.patch new file mode 100644 index 0000000..ccf2160 --- /dev/null +++ b/sg3_utils-1.48-covscan_fixes.patch @@ -0,0 +1,1131 @@ +From 84c586f1f1d8bd102928f3ae95d1d1185a59de8f Mon Sep 17 00:00:00 2001 +From: Douglas Gilbert +Date: Wed, 19 Jan 2022 19:12:36 +0000 +Subject: [PATCH] round of coverity identified issue fixes (and non-issues) + +git-svn-id: https://svn.bingwo.ca/repos/sg3_utils/trunk@931 6180dd3e-e324-4e3e-922d-17de1ae2f315 + +diff --git a/lib/sg_cmds_basic.c b/lib/sg_cmds_basic.c +index e177354..92dd102 100644 +--- a/lib/sg_cmds_basic.c ++++ b/lib/sg_cmds_basic.c +@@ -192,7 +192,6 @@ int + sg_cmds_process_resp(struct sg_pt_base * ptvp, const char * leadin, + int pt_res, bool noisy, int verbose, int * o_sense_cat) + { +- bool favour_sense; + int cat, slen, sstat, req_din_x, req_dout_x; + int act_din_x, act_dout_x; + const uint8_t * sbp; +@@ -323,19 +322,23 @@ sg_cmds_process_resp(struct sg_pt_base * ptvp, const char * leadin, + get_scsi_pt_transport_err_str(ptvp, sizeof(b), b); + pr2ws("%s: transport: %s\n", leadin, b); + } +- /* Shall we favour sense data over a transport error (given both) */ + #ifdef SG_LIB_LINUX +- favour_sense = false; /* DRIVER_SENSE is not passed through */ ++ return -1; /* DRIVER_SENSE is not passed through */ + #else +- favour_sense = ((SAM_STAT_CHECK_CONDITION == +- get_scsi_pt_status_response(ptvp)) && (slen > 0)); ++ /* Shall we favour sense data over a transport error (given both) */ ++ { ++ bool favour_sense = ((SAM_STAT_CHECK_CONDITION == ++ get_scsi_pt_status_response(ptvp)) && (slen > 0)); ++ ++ if (favour_sense) ++ return sg_cmds_process_helper(leadin, req_din_x, act_din_x, ++ req_dout_x, act_dout_x, sbp, ++ slen, noisy, verbose, ++ o_sense_cat); ++ else ++ return -1; ++ } + #endif +- if (favour_sense) +- return sg_cmds_process_helper(leadin, req_din_x, act_din_x, +- req_dout_x, act_dout_x, sbp, slen, +- noisy, verbose, o_sense_cat); +- else +- return -1; + case SCSI_PT_RESULT_OS_ERR: + if (verbose || noisy) { + get_scsi_pt_os_err_str(ptvp, sizeof(b), b); +diff --git a/lib/sg_cmds_extra.c b/lib/sg_cmds_extra.c +index 7d4f453..bacb033 100644 +--- a/lib/sg_cmds_extra.c ++++ b/lib/sg_cmds_extra.c +@@ -1807,6 +1807,7 @@ sg_ll_ata_pt(int sg_fd, const uint8_t * cdbp, int cdb_len, + int k, res, slen, duration; + int ret = -1; + uint8_t apt_cdb[ATA_PT_32_CMDLEN]; ++ uint8_t incoming_apt_cdb[ATA_PT_32_CMDLEN]; + uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + uint8_t * sp; + const uint8_t * bp; +@@ -1815,18 +1816,25 @@ sg_ll_ata_pt(int sg_fd, const uint8_t * cdbp, int cdb_len, + char b[256]; + + memset(apt_cdb, 0, sizeof(apt_cdb)); ++ memset(incoming_apt_cdb, 0, sizeof(incoming_apt_cdb)); ++ if (NULL == cdbp) { ++ if (vb) ++ pr2ws("NULL cdb pointer\n"); ++ return -1; ++ } ++ memcpy(incoming_apt_cdb, cdbp, cdb_len); + b[0] = '\0'; + switch (cdb_len) { + case 12: + cnamep = "ATA pass-through(12)"; + apt_cdb[0] = ATA_PT_12_CMD; +- memcpy(apt_cdb + 1, cdbp + 1, 10); ++ memcpy(apt_cdb + 1, incoming_apt_cdb + 1, 10); + /* control byte at cdb[11] left at zero */ + break; + case 16: + cnamep = "ATA pass-through(16)"; + apt_cdb[0] = ATA_PT_16_CMD; +- memcpy(apt_cdb + 1, cdbp + 1, 14); ++ memcpy(apt_cdb + 1, incoming_apt_cdb + 1, 14); + /* control byte at cdb[15] left at zero */ + break; + case 32: +@@ -1835,17 +1843,12 @@ sg_ll_ata_pt(int sg_fd, const uint8_t * cdbp, int cdb_len, + /* control byte at cdb[1] left at zero */ + apt_cdb[7] = 0x18; /* length starting at next byte */ + sg_put_unaligned_be16(ATA_PT_32_SA, apt_cdb + 8); +- memcpy(apt_cdb + 10, cdbp + 10, 32 - 10); ++ memcpy(apt_cdb + 10, incoming_apt_cdb + 10, 32 - 10); + break; + default: + pr2ws("cdb_len must be 12, 16 or 32\n"); + return -1; + } +- if (NULL == cdbp) { +- if (vb) +- pr2ws("%s NULL cdb pointer\n", cnamep); +- return -1; +- } + if (sensep && (max_sense_len >= (int)sizeof(sense_b))) { + sp = sensep; + slen = max_sense_len; +diff --git a/lib/sg_lib.c b/lib/sg_lib.c +index 35f0fbd..1b267e4 100644 +--- a/lib/sg_lib.c ++++ b/lib/sg_lib.c +@@ -3556,16 +3556,15 @@ sg_f2hex_arr(const char * fname, bool as_binary, bool no_space, + k = read(fd, mp_arr, max_arr_len); + if (k <= 0) { + if (0 == k) { +- ret = SG_LIB_SYNTAX_ERROR; ++ ret = SG_LIB_FILE_ERROR; + pr2ws("read 0 bytes from binary file %s\n", fname); + } else { + ret = sg_convert_errno(errno); + pr2ws("read from binary file %s: %s\n", fname, + safe_strerror(errno)); + } +- goto bin_fini; +- } +- if ((0 == fstat(fd, &a_stat)) && S_ISFIFO(a_stat.st_mode)) { ++ } else if ((k < max_arr_len) && (0 == fstat(fd, &a_stat)) && ++ S_ISFIFO(a_stat.st_mode)) { + /* pipe; keep reading till error or 0 read */ + while (k < max_arr_len) { + m = read(fd, mp_arr + k, max_arr_len - k); +@@ -3576,13 +3575,13 @@ sg_f2hex_arr(const char * fname, bool as_binary, bool no_space, + pr2ws("read from binary pipe %s: %s\n", fname, + safe_strerror(err)); + ret = sg_convert_errno(err); +- goto bin_fini; ++ break; + } + k += m; + } + } +- *mp_arr_len = k; +-bin_fini: ++ if (k >= 0) ++ *mp_arr_len = k; + if ((fd >= 0) && (! has_stdin)) + close(fd); + return ret; +@@ -3623,9 +3622,17 @@ sg_f2hex_arr(const char * fname, bool as_binary, bool no_space, + if (isxdigit(line[0])) { + carry_over[1] = line[0]; + carry_over[2] = '\0'; +- if (1 == sscanf(carry_over, "%4x", &h)) +- mp_arr[off - 1] = h; /* back up and overwrite */ +- else { ++ if (1 == sscanf(carry_over, "%4x", &h)) { ++ if (off > 0) { ++ if (off > max_arr_len) { ++ pr2ws("%s: array length exceeded\n", __func__); ++ ret = SG_LIB_LBA_OUT_OF_RANGE; ++ *mp_arr_len = max_arr_len; ++ goto fini; ++ } else ++ mp_arr[off - 1] = h; /* back up and overwrite */ ++ } ++ } else { + pr2ws("%s: carry_over error ['%s'] around line %d\n", + __func__, carry_over, j + 1); + ret = SG_LIB_SYNTAX_ERROR; +@@ -3667,8 +3674,8 @@ sg_f2hex_arr(const char * fname, bool as_binary, bool no_space, + *mp_arr_len = max_arr_len; + ret = SG_LIB_LBA_OUT_OF_RANGE; + goto fini; +- } +- mp_arr[off + k] = h; ++ } else ++ mp_arr[off + k] = h; + } + if (isxdigit(*lcp) && (! isxdigit(*(lcp + 1)))) + carry_over[0] = *lcp; +@@ -3692,8 +3699,8 @@ sg_f2hex_arr(const char * fname, bool as_binary, bool no_space, + ret = SG_LIB_LBA_OUT_OF_RANGE; + *mp_arr_len = max_arr_len; + goto fini; +- } +- mp_arr[off + k] = h; ++ } else ++ mp_arr[off + k] = h; + lcp = strpbrk(lcp, " ,\t"); + if (NULL == lcp) + break; +@@ -3766,7 +3773,11 @@ uint32_t + sg_get_page_size(void) + { + #if defined(HAVE_SYSCONF) && defined(_SC_PAGESIZE) +- return (uint32_t)sysconf(_SC_PAGESIZE); /* POSIX.1 (was getpagesize()) */ ++ { ++ long res = sysconf(_SC_PAGESIZE); /* POSIX.1 (was getpagesize()) */ ++ ++ return (res <= 0) ? 4096 : res; ++ } + #elif defined(SG_LIB_WIN32) + static bool got_page_size = false; + static uint32_t win_page_size; +diff --git a/src/sg_dd.c b/src/sg_dd.c +index 2fa3750..65f7698 100644 +--- a/src/sg_dd.c ++++ b/src/sg_dd.c +@@ -85,6 +85,8 @@ static const char * version_str = "6.31 20211114"; + #define DEF_BLOCKS_PER_2048TRANSFER 32 + #define DEF_SCSI_CDBSZ 10 + #define MAX_SCSI_CDBSZ 16 ++#define MAX_BPT_VALUE (1 << 24) /* used for maximum bs as well */ ++#define MAX_COUNT_SKIP_SEEK (1LL << 48) /* coverity wants upper bound */ + + #define DEF_MODE_CDB_SZ 10 + #define DEF_MODE_RESP_LEN 252 +@@ -1848,15 +1850,16 @@ main(int argc, char * argv[]) + bpt_given = true; + } else if (0 == strcmp(key, "bs")) { + blk_sz = sg_get_num(buf); +- bpt_given = true; +- } else if (0 == strcmp(key, "bs")) { +- blk_sz = sg_get_num(buf); +- if (-1 == blk_sz) { ++ if ((blk_sz < 0) || (blk_sz > MAX_BPT_VALUE)) { + pr2serr(ME "bad argument to 'bs='\n"); + return SG_LIB_SYNTAX_ERROR; + } + } else if (0 == strcmp(key, "cdbsz")) { + iflag.cdbsz = sg_get_num(buf); ++ if ((iflag.cdbsz < 6) || (iflag.cdbsz > 32)) { ++ pr2serr(ME "'cdbsz' expects 6, 10, 12, 16 or 32\n"); ++ return SG_LIB_SYNTAX_ERROR; ++ } + oflag.cdbsz = iflag.cdbsz; + cdbsz_given = true; + } else if (0 == strcmp(key, "cdl")) { +@@ -1894,7 +1897,7 @@ main(int argc, char * argv[]) + } else if (0 == strcmp(key, "count")) { + if (0 != strcmp("-1", buf)) { + dd_count = sg_get_llnum(buf); +- if (-1LL == dd_count) { ++ if ((dd_count < 0) || (dd_count > MAX_COUNT_SKIP_SEEK)) { + pr2serr(ME "bad argument to 'count='\n"); + return SG_LIB_SYNTAX_ERROR; + } +@@ -1906,9 +1909,13 @@ main(int argc, char * argv[]) + t = sg_get_num(buf); + oflag.fua = !! (t & 1); + iflag.fua = !! (t & 2); +- } else if (0 == strcmp(key, "ibs")) ++ } else if (0 == strcmp(key, "ibs")) { + ibs = sg_get_num(buf); +- else if (strcmp(key, "if") == 0) { ++ if ((ibs < 0) || (ibs > MAX_BPT_VALUE)) { ++ pr2serr(ME "bad argument to 'ibs='\n"); ++ return SG_LIB_SYNTAX_ERROR; ++ } ++ } else if (strcmp(key, "if") == 0) { + if ('\0' != inf[0]) { + pr2serr("Second IFILE argument??\n"); + return SG_LIB_SYNTAX_ERROR; +@@ -1921,9 +1928,13 @@ main(int argc, char * argv[]) + pr2serr(ME "bad argument to 'iflag='\n"); + return SG_LIB_SYNTAX_ERROR; + } +- } else if (0 == strcmp(key, "obs")) ++ } else if (0 == strcmp(key, "obs")) { + obs = sg_get_num(buf); +- else if (0 == strcmp(key, "odir")) { ++ if ((obs < 0) || (obs > MAX_BPT_VALUE)) { ++ pr2serr(ME "bad argument to 'obs='\n"); ++ return SG_LIB_SYNTAX_ERROR; ++ } ++ } else if (0 == strcmp(key, "odir")) { + iflag.direct = !! sg_get_num(buf); + oflag.direct = iflag.direct; + } else if (strcmp(key, "of") == 0) { +@@ -1956,13 +1967,13 @@ main(int argc, char * argv[]) + } + } else if (0 == strcmp(key, "seek")) { + seek = sg_get_llnum(buf); +- if (-1LL == seek) { ++ if ((seek < 0) || (seek > MAX_COUNT_SKIP_SEEK)) { + pr2serr(ME "bad argument to 'seek='\n"); + return SG_LIB_SYNTAX_ERROR; + } + } else if (0 == strcmp(key, "skip")) { + skip = sg_get_llnum(buf); +- if (-1LL == skip) { ++ if ((skip < 0) || (skip > MAX_COUNT_SKIP_SEEK)) { + pr2serr(ME "bad argument to 'skip='\n"); + return SG_LIB_SYNTAX_ERROR; + } +@@ -2080,8 +2091,8 @@ main(int argc, char * argv[]) + pr2serr("Can't use both append and seek switches\n"); + return SG_LIB_CONTRADICT; + } +- if (bpt < 1) { +- pr2serr("bpt must be greater than 0\n"); ++ if ((bpt < 1) || (bpt > MAX_BPT_VALUE)) { ++ pr2serr("bpt must be > 0 and <= %d\n", MAX_BPT_VALUE); + return SG_LIB_SYNTAX_ERROR; + } + if (iflag.sparse) +diff --git a/src/sg_logs.c b/src/sg_logs.c +index 694ee6e..de5d339 100644 +--- a/src/sg_logs.c ++++ b/src/sg_logs.c +@@ -669,8 +673,8 @@ get_vp_mask(int vpn) + if (vpn < 0) + return 0; + else +- return (vpn > (32 - MVP_OFFSET)) ? OVP_ALL : +- (1 << (vpn + MVP_OFFSET)); ++ return (vpn >= (32 - MVP_OFFSET)) ? OVP_ALL : ++ (1 << (vpn + MVP_OFFSET)); + } + + static int +diff --git a/src/sg_map26.c b/src/sg_map26.c +index 3fca019..2ea8d69 100644 +--- a/src/sg_map26.c ++++ b/src/sg_map26.c +@@ -396,7 +396,7 @@ list_matching_nodes(const char * dir_name, int file_type, int majj, int minn, + } + + struct sg_item_t { +- char name[NAME_LEN_MAX]; ++ char name[NAME_LEN_MAX + 2]; + int ft; + int nt; + int d_type; +diff --git a/src/sg_modes.c b/src/sg_modes.c +index 47062b1..c0fc87f 100644 +--- a/src/sg_modes.c ++++ b/src/sg_modes.c +@@ -790,6 +790,9 @@ dStrRaw(const uint8_t * str, int len) + printf("%c", str[k]); + } + ++/* Note to coverity: this function is safe as long as the page_code_desc ++ * objects pointed to by pcdp have a sentinel object at the end of each ++ * array. And they do by design.*/ + static int + count_desc_elems(const struct page_code_desc * pcdp) + { +diff --git a/src/sg_persist.c b/src/sg_persist.c +index e779fe4..872f16e 100644 +--- a/src/sg_persist.c ++++ b/src/sg_persist.c +@@ -1279,7 +1279,9 @@ main(int argc, char * argv[]) + flagged = true; + goto fini; + } +- sg_cmds_close_device(sg_fd); ++ res = sg_cmds_close_device(sg_fd); ++ if (res < 0) ++ pr2serr("%s: sg_cmds_close_device() failed res=%d\n", ME, res); + } + + if (! op->readwrite_force) { +diff --git a/src/sg_raw.c b/src/sg_raw.c +index 9cfa19c..453a85a 100644 +--- a/src/sg_raw.c ++++ b/src/sg_raw.c +@@ -323,7 +323,7 @@ parse_cmd_line(struct opts_t * op, int argc, char *argv[]) + return SG_LIB_SYNTAX_ERROR; + } + +- if (op->cdb_length > MAX_SCSI_CDBSZ) { ++ if (op->cdb_length >= MAX_SCSI_CDBSZ) { + pr2serr("CDB too long (max. %d bytes)\n", MAX_SCSI_CDBSZ); + return SG_LIB_SYNTAX_ERROR; + } +diff --git a/src/sg_read.c b/src/sg_read.c +index 628e0d8..a4f7cee 100644 +--- a/src/sg_read.c ++++ b/src/sg_read.c +@@ -58,12 +58,14 @@ + #include "sg_pr2serr.h" + + +-static const char * version_str = "1.36 20191220"; ++static const char * version_str = "1.38 20220118"; + + #define DEF_BLOCK_SIZE 512 + #define DEF_BLOCKS_PER_TRANSFER 128 + #define DEF_SCSI_CDBSZ 10 + #define MAX_SCSI_CDBSZ 16 ++#define MAX_BPT_VALUE (1 << 24) /* used for maximum bs as well */ ++#define MAX_COUNT_SKIP_SEEK (1LL << 48) /* coverity wants upper bound */ + + #define ME "sg_read: " + +@@ -456,30 +458,35 @@ main(int argc, char * argv[]) + do_blk_sgio = !! sg_get_num(buf); + else if (0 == strcmp(key,"bpt")) { + bpt = sg_get_num(buf); +- if (-1 == bpt) { ++ if ((bpt < 0) || (bpt > MAX_BPT_VALUE)) { + pr2serr( ME "bad argument to 'bpt'\n"); + return SG_LIB_SYNTAX_ERROR; + } + } else if (0 == strcmp(key,"bs")) { + bs = sg_get_num(buf); +- if (-1 == bs) { ++ if ((bs < 0) || (bs > MAX_BPT_VALUE)) { + pr2serr( ME "bad argument to 'bs'\n"); + return SG_LIB_SYNTAX_ERROR; + } +- } else if (0 == strcmp(key,"cdbsz")) ++ } else if (0 == strcmp(key,"cdbsz")) { + scsi_cdbsz = sg_get_num(buf); +- else if (0 == strcmp(key,"count")) { ++ if ((scsi_cdbsz < 0) || (scsi_cdbsz > 32)) { ++ pr2serr( ME "bad argument to 'cdbsz', expect 6, 10, 12, 16 " ++ "or 32\n"); ++ return SG_LIB_SYNTAX_ERROR; ++ } ++ } else if (0 == strcmp(key,"count")) { + count_given = true; + if ('-' == *buf) { + dd_count = sg_get_llnum(buf + 1); +- if (-1 == dd_count) { ++ if ((dd_count < 0) || (dd_count > MAX_COUNT_SKIP_SEEK)) { + pr2serr( ME "bad argument to 'count'\n"); + return SG_LIB_SYNTAX_ERROR; + } + dd_count = - dd_count; + } else { + dd_count = sg_get_llnum(buf); +- if (-1 == dd_count) { ++ if ((dd_count < 0) || (dd_count > MAX_COUNT_SKIP_SEEK)) { + pr2serr( ME "bad argument to 'count'\n"); + return SG_LIB_SYNTAX_ERROR; + } +@@ -504,7 +511,7 @@ main(int argc, char * argv[]) + outf[INF_SZ - 1] = '\0'; + } else if (0 == strcmp(key,"skip")) { + skip = sg_get_llnum(buf); +- if (-1 == skip) { ++ if ((skip < 0) || (skip > MAX_COUNT_SKIP_SEEK)) { + pr2serr( ME "bad argument to 'skip'\n"); + return SG_LIB_SYNTAX_ERROR; + } +diff --git a/src/sg_read_buffer.c b/src/sg_read_buffer.c +index 93c32a5..01a79c3 100644 +--- a/src/sg_read_buffer.c ++++ b/src/sg_read_buffer.c +@@ -483,7 +483,10 @@ main(int argc, char * argv[]) + do_long = true; + break; + case 'm': +- if (isdigit((uint8_t)*optarg)) { ++ if (NULL == optarg) { ++ pr2serr("bad argument to '--mode'\n"); ++ return SG_LIB_SYNTAX_ERROR; ++ } else if (isdigit((uint8_t)*optarg)) { + rb_mode = sg_get_num(optarg); + if ((rb_mode < 0) || (rb_mode > 31)) { + pr2serr("argument to '--mode' should be in the range 0 " +diff --git a/src/sg_sat_phy_event.c b/src/sg_sat_phy_event.c +index 9b1f588..090ecf7 100644 +--- a/src/sg_sat_phy_event.c ++++ b/src/sg_sat_phy_event.c +@@ -154,15 +154,17 @@ dStrRaw(const uint8_t * str, int len) + } + + /* ATA READ LOG EXT command [2Fh, PIO data-in] */ +-/* N.B. "log_addr" is the log page number, "page_in_log" is usually false */ ++/* N.B. "log_addr" is the log page number, "page_in_log" is usually 0 */ + static int +-do_read_log_ext(int sg_fd, int log_addr, bool page_in_log, int feature, ++do_read_log_ext(int sg_fd, int log_addr, int page_in_log, int feature, + int blk_count, void * resp, int mx_resp_len, int cdb_len, + bool ck_cond, bool extend, int do_hex, bool do_raw, + int verbose) + { + /* Following for ATA READ/WRITE MULTIPLE (EXT) cmds, normally 0 */ ++#if 0 + bool t_type = false;/* false -> 512 byte LBs, true -> device's LB size */ ++#endif + bool t_dir = true; /* false -> to device, 1 -> from device */ + bool byte_block = true; /* false -> bytes, true -> 512 byte blocks (if + t_type=false) */ +@@ -205,8 +207,10 @@ do_read_log_ext(int sg_fd, int log_addr, bool page_in_log, int feature, + apt_cdb[2] = t_length; + if (ck_cond) + apt_cdb[2] |= 0x20; ++#if 0 + if (t_type) + apt_cdb[2] |= 0x10; ++#endif + if (t_dir) + apt_cdb[2] |= 0x8; + if (byte_block) +@@ -226,8 +230,10 @@ do_read_log_ext(int sg_fd, int log_addr, bool page_in_log, int feature, + apt12_cdb[2] = t_length; + if (ck_cond) + apt12_cdb[2] |= 0x20; ++#if 0 + if (t_type) + apt12_cdb[2] |= 0x10; ++#endif + if (t_dir) + apt12_cdb[2] |= 0x8; + if (byte_block) +@@ -487,7 +493,7 @@ int main(int argc, char * argv[]) + return sg_convert_errno(err); + } + ret = do_read_log_ext(sg_fd, SATA_PHY_EVENT_LPAGE, +- false /* page_in_log */, ++ 0 /* page_in_log */, + (reset ? 1 : 0) /* feature */, + 1 /* blk_count */, inBuff, + READ_LOG_EXT_RESPONSE_LEN, cdb_len, ck_cond, +diff --git a/src/sg_scan_linux.c b/src/sg_scan_linux.c +index 7354ad4..c04206a 100644 +--- a/src/sg_scan_linux.c ++++ b/src/sg_scan_linux.c +@@ -203,6 +203,7 @@ int main(int argc, char * argv[]) + printf(ME "Out of memory\n"); + return SG_LIB_CAT_OTHER; + } ++ strcpy(fname, ""); + + for (k = 1, j = 0; k < argc; ++k) { + cp = argv[k]; +diff --git a/src/sg_stpg.c b/src/sg_stpg.c +index e57b13c..a12b5ca 100644 +--- a/src/sg_stpg.c ++++ b/src/sg_stpg.c +@@ -142,15 +142,14 @@ dStrRaw(const uint8_t * str, int len) + static int + decode_target_port(uint8_t * buff, int len, int *d_id, int *d_tpg) + { +- int c_set, assoc, desig_type, i_len; +- int off, u; ++ int c_set, assoc, desig_type, i_len, off; + const uint8_t * bp; + const uint8_t * ip; + + *d_id = -1; + *d_tpg = -1; + off = -1; +- while ((u = sg_vpd_dev_id_iter(buff, len, &off, -1, -1, -1)) == 0) { ++ while (sg_vpd_dev_id_iter(buff, len, &off, -1, -1, -1) == 0) { + bp = buff + off; + i_len = bp[3]; + if ((off + i_len + 4) > len) { +diff --git a/src/sg_vpd.c b/src/sg_vpd.c +index 0ca6303..1a74af5 100644 +--- a/src/sg_vpd.c ++++ b/src/sg_vpd.c +@@ -755,6 +755,7 @@ decode_dev_ids_quiet(uint8_t * buff, int len, int m_assoc, + uint8_t sas_tport_addr[8]; + + rtp = 0; ++ u = 0; + memset(sas_tport_addr, 0, sizeof(sas_tport_addr)); + for (k = 0, off = -1; true; ++k) { + if ((0 == k) && (0 != buff[2])) { +diff --git a/src/sg_xcopy.c b/src/sg_xcopy.c +index 4307668..39ad83c 100644 +--- a/src/sg_xcopy.c ++++ b/src/sg_xcopy.c +@@ -306,7 +306,7 @@ open_sg(struct xcopy_fp_t * fp, int vb) + int devmajor, devminor, offset; + struct sg_simple_inquiry_resp sir; + char ebuff[EBUFF_SZ]; +- int len; ++ int len, res; + + devmajor = major(fp->devno); + devminor = minor(fp->devno); +@@ -344,7 +344,9 @@ open_sg(struct xcopy_fp_t * fp, int vb) + } + if (sg_simple_inquiry(fp->sg_fd, &sir, false, vb)) { + pr2serr("INQUIRY failed on %s\n", ebuff); +- sg_cmds_close_device(fp->sg_fd); ++ res = sg_cmds_close_device(fp->sg_fd); ++ if (res < 0) ++ pr2serr("sg_cmds_close_device() failed as well\n"); + fp->sg_fd = -1; + return -1; + } +@@ -1024,7 +1026,7 @@ desc_from_vpd_id(int sg_fd, uint8_t *desc, int desc_len, + int res, verb; + uint8_t rcBuff[256], *bp, *best = NULL; + unsigned int len = 254; +- int off = -1, u, i_len, best_len = 0, assoc, desig, f_desig = 0; ++ int off = -1, i_len, best_len = 0, assoc, desig, f_desig = 0; + char b[80]; + + verb = (verbose ? verbose - 1: 0); +@@ -1060,8 +1062,7 @@ desc_from_vpd_id(int sg_fd, uint8_t *desc, int desc_len, + hex2stderr(rcBuff, len, 1); + } + +- while ((u = sg_vpd_dev_id_iter(rcBuff + 4, len - 4, &off, 0, -1, -1)) == +- 0) { ++ while (sg_vpd_dev_id_iter(rcBuff + 4, len - 4, &off, 0, -1, -1) == 0) { + bp = rcBuff + 4 + off; + i_len = bp[3]; + if (((unsigned int)off + i_len + 4) > len) { +diff --git a/src/sgm_dd.c b/src/sgm_dd.c +index e95fca9..aa656b3 100644 +--- a/src/sgm_dd.c ++++ b/src/sgm_dd.c +@@ -69,13 +69,15 @@ + #include "sg_pr2serr.h" + + +-static const char * version_str = "1.17 20211024"; ++static const char * version_str = "1.19 20220118"; + + #define DEF_BLOCK_SIZE 512 + #define DEF_BLOCKS_PER_TRANSFER 128 + #define DEF_BLOCKS_PER_2048TRANSFER 32 + #define DEF_SCSI_CDBSZ 10 + #define MAX_SCSI_CDBSZ 16 ++#define MAX_BPT_VALUE (1 << 24) /* used for maximum bs as well */ ++#define MAX_COUNT_SKIP_SEEK (1LL << 48) /* coverity wants upper bound */ + + #define ME "sgm_dd: " + +@@ -795,6 +797,10 @@ main(int argc, char * argv[]) + } + } else if (0 == strcmp(key,"cdbsz")) { + scsi_cdbsz_in = sg_get_num(buf); ++ if ((scsi_cdbsz_in < 6) || (scsi_cdbsz_in > 32)) { ++ pr2serr(ME "'cdbsz' expects 6, 10, 12, 16 or 32\n"); ++ return SG_LIB_SYNTAX_ERROR; ++ } + scsi_cdbsz_out = scsi_cdbsz_in; + cdbsz_given = true; + } else if (0 == strcmp(key,"coe")) { +@@ -803,7 +809,7 @@ main(int argc, char * argv[]) + } else if (0 == strcmp(key,"count")) { + if (0 != strcmp("-1", buf)) { + dd_count = sg_get_llnum(buf); +- if (-1LL == dd_count) { ++ if ((dd_count < 0) || (dd_count > MAX_COUNT_SKIP_SEEK)) { + pr2serr(ME "bad argument to 'count'\n"); + return SG_LIB_SYNTAX_ERROR; + } +@@ -818,7 +824,7 @@ main(int argc, char * argv[]) + in_flags.fua = true; + } else if (0 == strcmp(key,"ibs")) { + ibs = sg_get_num(buf); +- if (-1 == ibs) { ++ if ((ibs < 0) || (ibs > MAX_BPT_VALUE)) { + pr2serr(ME "bad argument to 'ibs'\n"); + return SG_LIB_SYNTAX_ERROR; + } +@@ -850,19 +856,19 @@ main(int argc, char * argv[]) + } + } else if (0 == strcmp(key,"obs")) { + obs = sg_get_num(buf); +- if (-1 == obs) { ++ if ((obs < 0) || (obs > MAX_BPT_VALUE)) { + pr2serr(ME "bad argument to 'obs'\n"); + return SG_LIB_SYNTAX_ERROR; + } + } else if (0 == strcmp(key,"seek")) { + seek = sg_get_llnum(buf); +- if (-1LL == seek) { ++ if ((seek < 0) || (seek > MAX_COUNT_SKIP_SEEK)) { + pr2serr(ME "bad argument to 'seek'\n"); + return SG_LIB_SYNTAX_ERROR; + } + } else if (0 == strcmp(key,"skip")) { + skip = sg_get_llnum(buf); +- if (-1LL == skip) { ++ if ((skip < 0) || (skip > MAX_COUNT_SKIP_SEEK)) { + pr2serr(ME "bad argument to 'skip'\n"); + return SG_LIB_SYNTAX_ERROR; + } +@@ -955,8 +961,8 @@ main(int argc, char * argv[]) + pr2serr("Can't use both append and seek switches\n"); + return SG_LIB_CONTRADICT; + } +- if (bpt < 1) { +- pr2serr("bpt must be greater than 0\n"); ++ if ((bpt < 1) || (bpt > MAX_BPT_VALUE)) { ++ pr2serr("bpt must be > 0 and <= %d\n", MAX_BPT_VALUE); + return SG_LIB_SYNTAX_ERROR; + } + /* defaulting transfer size to 128*2048 for CD/DVDs is too large +diff --git a/src/sgp_dd.c b/src/sgp_dd.c +index b71bf7b..a36d9d0 100644 +--- a/src/sgp_dd.c ++++ b/src/sgp_dd.c +@@ -85,13 +85,15 @@ + #include "sg_pr2serr.h" + + +-static const char * version_str = "5.83 20211105"; ++static const char * version_str = "5.84 20220118"; + + #define DEF_BLOCK_SIZE 512 + #define DEF_BLOCKS_PER_TRANSFER 128 + #define DEF_BLOCKS_PER_2048TRANSFER 32 + #define DEF_SCSI_CDBSZ 10 + #define MAX_SCSI_CDBSZ 16 ++#define MAX_BPT_VALUE (1 << 24) /* used for maximum bs as well */ ++#define MAX_COUNT_SKIP_SEEK (1LL << 48) /* coverity wants upper bound */ + + + #define SENSE_BUFF_LEN 64 /* Arbitrary, could be larger */ +@@ -370,13 +372,15 @@ thread_exit_handler(int sig) + static char * + tsafe_strerror(int code, char * ebp) + { ++ int status; + char * cp; + +- pthread_mutex_lock(&strerr_mut); ++ status = pthread_mutex_lock(&strerr_mut); ++ if (0 != status) pr2serr("lock strerr_mut"); + cp = safe_strerror(code); + strncpy(ebp, cp, STRERR_BUFF_LEN); +- pthread_mutex_unlock(&strerr_mut); +- ++ status = pthread_mutex_unlock(&strerr_mut); ++ if (0 != status) pr2serr("unlock strerr_mut"); + ebp[STRERR_BUFF_LEN - 1] = '\0'; + return ebp; + } +@@ -649,8 +653,10 @@ sg_in_open(const char * fnp, struct flags_t * flagp, int bs, int bpt) + perror(ebuff); + return -sg_convert_errno(err); + } +- if (sg_prepare(fd, bs, bpt)) ++ if (sg_prepare(fd, bs, bpt)) { ++ close(fd); + return -SG_LIB_FILE_ERROR; ++ } + return fd; + } + +@@ -675,8 +681,10 @@ sg_out_open(const char * fnp, struct flags_t * flagp, int bs, int bpt) + perror(ebuff); + return -sg_convert_errno(err); + } +- if (sg_prepare(fd, bs, bpt)) ++ if (sg_prepare(fd, bs, bpt)) { ++ close(fd); + return -SG_LIB_FILE_ERROR; ++ } + return fd; + } + +@@ -1424,19 +1432,23 @@ main(int argc, char * argv[]) + keylen = strlen(key); + if (0 == strcmp(key,"bpt")) { + clp->bpt = sg_get_num(buf); +- if (-1 == clp->bpt) { ++ if ((clp->bpt < 0) || (clp->bpt > MAX_BPT_VALUE)) { + pr2serr("%sbad argument to 'bpt='\n", my_name); + return SG_LIB_SYNTAX_ERROR; + } + bpt_given = 1; + } else if (0 == strcmp(key,"bs")) { + clp->bs = sg_get_num(buf); +- if (-1 == clp->bs) { ++ if ((clp->bs < 0) || (clp->bs > MAX_BPT_VALUE)) { + pr2serr("%sbad argument to 'bs='\n", my_name); + return SG_LIB_SYNTAX_ERROR; + } + } else if (0 == strcmp(key,"cdbsz")) { + clp->cdbsz_in = sg_get_num(buf); ++ if ((clp->cdbsz_in < 6) || (clp->cdbsz_in > 32)) { ++ pr2serr("%s'cdbsz' expects 6, 10, 12, 16 or 32\n", my_name); ++ return SG_LIB_SYNTAX_ERROR; ++ } + clp->cdbsz_out = clp->cdbsz_in; + cdbsz_given = 1; + } else if (0 == strcmp(key,"coe")) { +@@ -1445,7 +1457,7 @@ main(int argc, char * argv[]) + } else if (0 == strcmp(key,"count")) { + if (0 != strcmp("-1", buf)) { + dd_count = sg_get_llnum(buf); +- if (-1LL == dd_count) { ++ if ((dd_count < 0) || (dd_count > MAX_COUNT_SKIP_SEEK)) { + pr2serr("%sbad argument to 'count='\n", my_name); + return SG_LIB_SYNTAX_ERROR; + } +@@ -1464,7 +1476,7 @@ main(int argc, char * argv[]) + clp->in_flags.fua = true; + } else if (0 == strcmp(key,"ibs")) { + ibs = sg_get_num(buf); +- if (-1 == ibs) { ++ if ((ibs < 0) || (ibs > MAX_BPT_VALUE)) { + pr2serr("%sbad argument to 'ibs='\n", my_name); + return SG_LIB_SYNTAX_ERROR; + } +@@ -1483,7 +1495,7 @@ main(int argc, char * argv[]) + } + } else if (0 == strcmp(key,"obs")) { + obs = sg_get_num(buf); +- if (-1 == obs) { ++ if ((obs < 0) || (obs > MAX_BPT_VALUE)) { + pr2serr("%sbad argument to 'obs='\n", my_name); + return SG_LIB_SYNTAX_ERROR; + } +@@ -1502,13 +1514,13 @@ main(int argc, char * argv[]) + } + } else if (0 == strcmp(key,"seek")) { + seek = sg_get_llnum(buf); +- if (-1LL == seek) { ++ if ((seek < 0) || (seek > MAX_COUNT_SKIP_SEEK)) { + pr2serr("%sbad argument to 'seek='\n", my_name); + return SG_LIB_SYNTAX_ERROR; + } + } else if (0 == strcmp(key,"skip")) { + skip = sg_get_llnum(buf); +- if (-1LL == skip) { ++ if ((skip < 0) || (skip > MAX_COUNT_SKIP_SEEK)) { + pr2serr("%sbad argument to 'skip='\n", my_name); + return SG_LIB_SYNTAX_ERROR; + } +@@ -1611,8 +1623,8 @@ main(int argc, char * argv[]) + pr2serr("Can't use both append and seek switches\n"); + return SG_LIB_SYNTAX_ERROR; + } +- if (clp->bpt < 1) { +- pr2serr("bpt must be greater than 0\n"); ++ if ((clp->bpt < 1) || (clp->bpt > MAX_BPT_VALUE)) { ++ pr2serr("bpt must be > 0 and <= %d\n", MAX_BPT_VALUE); + return SG_LIB_SYNTAX_ERROR; + } + if (clp->in_flags.mmap && clp->out_flags.mmap) { +@@ -1851,9 +1863,14 @@ main(int argc, char * argv[]) + clp->out_count = dd_count; + clp->out_rem_count = dd_count; + clp->seek = seek; +- clp->out_blk = seek; + status = pthread_mutex_init(&clp->inout_mutex, NULL); + if (0 != status) err_exit(status, "init inout_mutex"); ++ status = pthread_mutex_lock(&clp->inout_mutex); ++ if (0 != status) err_exit(status, "lock inout_mutex"); ++ clp->out_blk = seek; ++ status = pthread_mutex_unlock(&clp->inout_mutex); ++ if (0 != status) err_exit(status, "unlock inout_mutex"); ++ + status = pthread_cond_init(&clp->out_sync_cv, NULL); + if (0 != status) err_exit(status, "init out_sync_cv"); + +diff --git a/testing/sg_mrq_dd.cpp b/testing/sg_mrq_dd.cpp +index a97aa9b..7b81a63 100644 +--- a/testing/sg_mrq_dd.cpp ++++ b/testing/sg_mrq_dd.cpp +@@ -141,6 +141,8 @@ using namespace std; + #define MAX_SCSI_CDB_SZ 16 /* could be 32 */ + #define PACK_ID_TID_MULTIPLIER (0x1000000) /* 16,777,216 */ + #define MAX_SLICES 16 /* number of IFILE,OFILE pairs */ ++#define MAX_BPT_VALUE (1 << 24) /* used for maximum bs as well */ ++#define MAX_COUNT_SKIP_SEEK (1LL << 48) /* coverity wants upper bound */ + + #define SENSE_BUFF_LEN 64 /* Arbitrary, could be larger */ + #define READ_CAP_REPLY_LEN 8 +@@ -3361,7 +3363,7 @@ skip_seek(struct global_collection *clp, const char * key, const char * buf, + } + } else { /* single number on command line (e.g. skip=1234) */ + ll = sg_get_llnum(buf); +- if (-1LL == ll) { ++ if ((ll < 0) || (ll > MAX_COUNT_SKIP_SEEK)) { + pr2serr("bad argument to '%s='\n", key); + return SG_LIB_SYNTAX_ERROR; + } +@@ -3544,14 +3546,14 @@ parse_cmdline_sanity(int argc, char * argv[], struct global_collection * clp, + keylen = strlen(key); + if (0 == strcmp(key, "bpt")) { + clp->bpt = sg_get_num(buf); +- if (-1 == clp->bpt) { ++ if ((clp->bpt < 0) || (clp->bpt > MAX_BPT_VALUE)) { + pr2serr("%sbad argument to 'bpt='\n", my_name); + goto syn_err; + } + bpt_given = true; + } else if (0 == strcmp(key, "bs")) { + clp->bs = sg_get_num(buf); +- if (-1 == clp->bs) { ++ if ((clp->bs < 0) || (clp->bs > MAX_BPT_VALUE)) { + pr2serr("%sbad argument to 'bs='\n", my_name); + goto syn_err; + } +@@ -3611,7 +3613,8 @@ parse_cmdline_sanity(int argc, char * argv[], struct global_collection * clp, + } + if (0 != strcmp("-1", buf)) { + clp->dd_count = sg_get_llnum(buf); +- if (-1LL == clp->dd_count) { ++ if ((clp->dd_count < 0) || ++ (clp->dd_count > MAX_COUNT_SKIP_SEEK)) { + pr2serr("%sbad argument to 'count='\n", my_name); + goto syn_err; + } +@@ -3622,7 +3625,7 @@ parse_cmdline_sanity(int argc, char * argv[], struct global_collection * clp, + clp->out_flags.dio = clp->in_flags.dio; + } else if (0 == strcmp(key, "elemsz_kb")) { + n = sg_get_num(buf); +- if (n < 1) { ++ if ((n < 1) || (n > (MAX_BPT_VALUE / 1024))) { + pr2serr("elemsz_kb=EKB wants an integer > 0\n"); + goto syn_err; + } +@@ -3646,7 +3649,7 @@ parse_cmdline_sanity(int argc, char * argv[], struct global_collection * clp, + clp->in_flags.fua = true; + } else if (0 == strcmp(key, "ibs")) { + ibs = sg_get_num(buf); +- if (-1 == ibs) { ++ if ((ibs < 0) || (ibs > MAX_BPT_VALUE)) { + pr2serr("%sbad argument to 'ibs='\n", my_name); + goto syn_err; + } +@@ -3700,7 +3703,7 @@ parse_cmdline_sanity(int argc, char * argv[], struct global_collection * clp, + clp->out_flags.no_waitq = true; + } else if (0 == strcmp(key, "obs")) { + obs = sg_get_num(buf); +- if (-1 == obs) { ++ if ((obs < 0) || (obs > MAX_BPT_VALUE)) { + pr2serr("%sbad argument to 'obs='\n", my_name); + goto syn_err; + } +@@ -3769,9 +3772,13 @@ parse_cmdline_sanity(int argc, char * argv[], struct global_collection * clp, + memcpy(skip_buf, buf, n + 1); + } else if (0 == strcmp(key, "sync")) + do_sync = !! sg_get_num(buf); +- else if (0 == strcmp(key, "thr")) ++ else if (0 == strcmp(key, "thr")) { + num_threads = sg_get_num(buf); +- else if (0 == strcmp(key, "time")) { ++ if ((num_threads < 0) || (num_threads > MAX_BPT_VALUE)) { ++ pr2serr("%sneed argument to 'skip='\n", my_name); ++ goto syn_err; ++ } ++ } else if (0 == strcmp(key, "time")) { + ccp = strchr(buf, ','); + do_time = sg_get_num(buf); + if (do_time < 0) { +@@ -3780,7 +3787,7 @@ parse_cmdline_sanity(int argc, char * argv[], struct global_collection * clp, + } + if (ccp) { + n = sg_get_num(ccp + 1); +- if (n < 0) { ++ if ((n < 0) || (n > (MAX_BPT_VALUE / 1000))) { + pr2serr("%sbad argument to 'time=0|1|2,TO'\n", my_name); + goto syn_err; + } +diff --git a/testing/sgh_dd.cpp b/testing/sgh_dd.cpp +index 38ee1d5..2c1f243 100644 +--- a/testing/sgh_dd.cpp ++++ b/testing/sgh_dd.cpp +@@ -134,6 +134,8 @@ using namespace std; + #define DEF_SDT_CRT_SEC 3 + #define DEF_SCSI_CDBSZ 10 + #define MAX_SCSI_CDBSZ 16 ++#define MAX_BPT_VALUE (1 << 24) /* used for maximum bs as well */ ++#define MAX_COUNT_SKIP_SEEK (1LL << 48) /* coverity wants upper bound */ + + #define SENSE_BUFF_LEN 64 /* Arbitrary, could be larger */ + #define READ_CAP_REPLY_LEN 8 +@@ -4043,19 +4045,23 @@ parse_cmdline_sanity(int argc, char * argv[], struct global_collection * clp, + clp->aen_given = true; + } else if (0 == strcmp(key, "bpt")) { + clp->bpt = sg_get_num(buf); +- if (-1 == clp->bpt) { ++ if ((clp->bpt < 0) || (clp->bpt > MAX_BPT_VALUE)) { + pr2serr("%sbad argument to 'bpt='\n", my_name); + return SG_LIB_SYNTAX_ERROR; + } + bpt_given = true; + } else if (0 == strcmp(key, "bs")) { + clp->bs = sg_get_num(buf); +- if (-1 == clp->bs) { ++ if ((clp->bs < 0) || (clp->bs > MAX_BPT_VALUE)) { + pr2serr("%sbad argument to 'bs='\n", my_name); + return SG_LIB_SYNTAX_ERROR; + } + } else if (0 == strcmp(key, "cdbsz")) { + clp->cdbsz_in = sg_get_num(buf); ++ if ((clp->cdbsz_in < 6) || (clp->cdbsz_in > 32)) { ++ pr2serr("%s'cdbsz' expects 6, 10, 12, 16 or 32\n", my_name); ++ return SG_LIB_SYNTAX_ERROR; ++ } + clp->cdbsz_out = clp->cdbsz_in; + clp->cdbsz_given = true; + } else if (0 == strcmp(key, "coe")) { +@@ -4069,7 +4075,7 @@ parse_cmdline_sanity(int argc, char * argv[], struct global_collection * clp, + } else if (0 == strcmp(key, "count")) { + if (0 != strcmp("-1", buf)) { + dd_count = sg_get_llnum(buf); +- if (-1LL == dd_count) { ++ if ((dd_count < 0) || (dd_count > MAX_COUNT_SKIP_SEEK)) { + pr2serr("%sbad argument to 'count='\n", my_name); + return SG_LIB_SYNTAX_ERROR; + } +@@ -4103,7 +4109,7 @@ parse_cmdline_sanity(int argc, char * argv[], struct global_collection * clp, + clp->in_flags.fua = true; + } else if (0 == strcmp(key, "ibs")) { + ibs = sg_get_num(buf); +- if (-1 == ibs) { ++ if ((ibs < 0) || (ibs > MAX_BPT_VALUE)) { + pr2serr("%sbad argument to 'ibs='\n", my_name); + return SG_LIB_SYNTAX_ERROR; + } +@@ -4148,7 +4154,7 @@ parse_cmdline_sanity(int argc, char * argv[], struct global_collection * clp, + clp->noshare = !! sg_get_num(buf); + } else if (0 == strcmp(key, "obs")) { + obs = sg_get_num(buf); +- if (-1 == obs) { ++ if ((obs < 0) || (obs > MAX_BPT_VALUE)) { + pr2serr("%sbad argument to 'obs='\n", my_name); + return SG_LIB_SYNTAX_ERROR; + } +@@ -4206,13 +4212,13 @@ parse_cmdline_sanity(int argc, char * argv[], struct global_collection * clp, + } + } else if (0 == strcmp(key, "seek")) { + clp->seek = sg_get_llnum(buf); +- if (-1LL == clp->seek) { ++ if (clp->seek < 0) { + pr2serr("%sbad argument to 'seek='\n", my_name); + return SG_LIB_SYNTAX_ERROR; + } + } else if (0 == strcmp(key, "skip")) { + clp->skip = sg_get_llnum(buf); +- if (-1LL == clp->skip) { ++ if (clp->skip < 0) { + pr2serr("%sbad argument to 'skip='\n", my_name); + return SG_LIB_SYNTAX_ERROR; + } +diff --git a/testing/sgs_dd.c b/testing/sgs_dd.c +index 65b2c06..60d25aa 100644 +--- a/testing/sgs_dd.c ++++ b/testing/sgs_dd.c +@@ -100,6 +100,8 @@ static const char * my_name = "sgs_dd"; + #define SGQ_MAX_RD_AHEAD 32 + #define SGQ_MAX_WR_AHEAD 32 + #define SGQ_NUM_ELEMS (SGQ_MAX_RD_AHEAD + SGQ_MAX_WR_AHEAD + 1) ++#define MAX_BPT_VALUE (1 << 24) /* used for maximum bs as well */ ++#define MAX_COUNT_SKIP_SEEK (1LL << 48) /* coverity wants upper bound */ + + #define SGQ_FREE 0 + #define SGQ_IO_STARTED 1 +@@ -1274,17 +1276,33 @@ main(int argc, char * argv[]) + buf++; + if (*buf) + *buf++ = '\0'; +- if (0 == strcmp(key,"bpt")) ++ if (0 == strcmp(key,"bpt")) { + clp->bpt = sg_get_num(buf); +- else if (0 == strcmp(key,"bs")) ++ if ((clp->bpt < 0) || (clp->bpt > MAX_BPT_VALUE)) { ++ pr2serr("%s: bad argument to 'bpt='\n", my_name); ++ return SG_LIB_SYNTAX_ERROR; ++ } ++ } else if (0 == strcmp(key,"bs")) { + clp->bs = sg_get_num(buf); +- else if (0 == strcmp(key,"count")) ++ if ((clp->bs < 0) || (clp->bs > MAX_BPT_VALUE)) { ++ pr2serr("%s: bad argument to 'bs='\n", my_name); ++ return SG_LIB_SYNTAX_ERROR; ++ } ++ } else if (0 == strcmp(key,"count")) { + count = sg_get_num(buf); +- else if (0 == strcmp(key,"deb")) ++ if (count < 0) { ++ pr2serr("%s: bad argument to 'count='\n", my_name); ++ return SG_LIB_SYNTAX_ERROR; ++ } ++ } else if (0 == strcmp(key,"deb")) + clp->debug += sg_get_num(buf); +- else if (0 == strcmp(key,"ibs")) ++ else if (0 == strcmp(key,"ibs")) { + ibs = sg_get_num(buf); +- else if (strcmp(key,"if") == 0) { ++ if ((ibs < 0) || (ibs > MAX_BPT_VALUE)) { ++ pr2serr("%s: bad argument to 'ibs='\n", my_name); ++ return SG_LIB_SYNTAX_ERROR; ++ } ++ } else if (strcmp(key,"if") == 0) { + memcpy(inf, buf, INOUTF_SZ); + inf[INOUTF_SZ - 1] = '\0'; + } else if (0 == strcmp(key, "iflag")) { +@@ -1297,9 +1315,13 @@ main(int argc, char * argv[]) + else if (0 == strcmp(key,"no_sig")) { /* default changes */ + clp->no_sig = !!sg_get_num(buf); + no_sig_given = true; +- } else if (0 == strcmp(key,"obs")) ++ } else if (0 == strcmp(key,"obs")) { + obs = sg_get_num(buf); +- else if (strcmp(key,"of") == 0) { ++ if ((obs < 0) || (obs > MAX_BPT_VALUE)) { ++ pr2serr("%s: bad argument to 'obs='\n", my_name); ++ return SG_LIB_SYNTAX_ERROR; ++ } ++ } else if (strcmp(key,"of") == 0) { + memcpy(outf, buf, INOUTF_SZ); + outf[INOUTF_SZ - 1] = '\0'; + } else if (0 == strcmp(key, "oflag")) { +@@ -1311,11 +1333,19 @@ main(int argc, char * argv[]) + clp->poll_ms = sg_get_num(buf); + else if (0 == strcmp(key,"rt_sig")) + clp->use_rt_sig = !!sg_get_num(buf); +- else if (0 == strcmp(key,"seek")) ++ else if (0 == strcmp(key,"seek")) { + seek = sg_get_num(buf); +- else if (0 == strcmp(key,"skip")) ++ if (seek < 0) { ++ pr2serr("%s: bad argument to 'seek='\n", my_name); ++ return SG_LIB_SYNTAX_ERROR; ++ } ++ } else if (0 == strcmp(key,"skip")) { + skip = sg_get_num(buf); +- else if (0 == strcmp(key,"time")) ++ if (skip < 0) { ++ pr2serr("%s: bad argument to 'skip='\n", my_name); ++ return SG_LIB_SYNTAX_ERROR; ++ } ++ } else if (0 == strcmp(key,"time")) + ; /* do nothing */ + else if ((0 == strcmp(key,"-V")) || (0 == strcmp(key,"--version"))) { + pr2serr("%s: version: %s\n", my_name, version_str); diff --git a/sg3_utils-1.48-initialize_sense_buffers.patch b/sg3_utils-1.48-initialize_sense_buffers.patch new file mode 100644 index 0000000..6027564 --- /dev/null +++ b/sg3_utils-1.48-initialize_sense_buffers.patch @@ -0,0 +1,798 @@ +From 20315aa4fae1340e5d4b1faae15b90ee34b9ea50 Mon Sep 17 00:00:00 2001 +From: Douglas Gilbert +Date: Sat, 20 Nov 2021 17:13:42 +0000 +Subject: [PATCH] sg_z_act_query: new utility for sending either a Zone + activate or Zone query command; sg_rep_zones: add Report zone starting LBA + granularity field in REPORT ZONES response [zbc2r12]; sg_decode_sense: add + --nodecode option; initialize all sense buffers to 0; rework main README file + +git-svn-id: https://svn.bingwo.ca/repos/sg3_utils/trunk@923 6180dd3e-e324-4e3e-922d-17de1ae2f315 +diff --git a/lib/sg_cmds_basic.c b/lib/sg_cmds_basic.c +index 844018c..e177354 100644 +--- a/lib/sg_cmds_basic.c ++++ b/lib/sg_cmds_basic.c +@@ -379,7 +379,7 @@ sg_ll_inquiry_com(struct sg_pt_base * ptvp, int sg_fd, bool cmddt, bool evpd, + bool local_cdb = true; + int res, ret, sense_cat, resid; + uint8_t inq_cdb[INQUIRY_CMDLEN] = {INQUIRY_CMD, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + uint8_t * up; + + if (resp == NULL) { +@@ -738,7 +738,7 @@ sg_ll_request_sense_com(struct sg_pt_base * ptvp, int sg_fd, bool desc, + static const char * const rq_s = "request sense"; + uint8_t rs_cdb[REQUEST_SENSE_CMDLEN] = + {REQUEST_SENSE_CMD, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + + if (desc) + rs_cdb[1] |= 0x1; +@@ -837,7 +837,7 @@ sg_ll_report_luns_com(struct sg_pt_base * ptvp, int sg_fd, int select_report, + int ret, res, sense_cat; + uint8_t rl_cdb[REPORT_LUNS_CMDLEN] = + {REPORT_LUNS_CMD, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + + rl_cdb[2] = select_report & 0xff; + sg_put_unaligned_be32((uint32_t)mx_resp_len, rl_cdb + 6); +diff --git a/lib/sg_cmds_basic2.c b/lib/sg_cmds_basic2.c +index 06bbda6..7772aa4 100644 +--- a/lib/sg_cmds_basic2.c ++++ b/lib/sg_cmds_basic2.c +@@ -93,7 +93,7 @@ sg_ll_sync_cache_10(int sg_fd, bool sync_nv, bool immed, int group, + int res, ret, sense_cat; + uint8_t sc_cdb[SYNCHRONIZE_CACHE_CMDLEN] = + {SYNCHRONIZE_CACHE_CMD, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + if (sync_nv) +@@ -154,7 +154,7 @@ sg_ll_readcap_16(int sg_fd, bool pmi, uint64_t llba, void * resp, + uint8_t rc_cdb[SERVICE_ACTION_IN_16_CMDLEN] = + {SERVICE_ACTION_IN_16_CMD, READ_CAPACITY_16_SA, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + if (pmi) { /* lbs only valid when pmi set */ +@@ -209,7 +209,7 @@ sg_ll_readcap_10(int sg_fd, bool pmi, unsigned int lba, void * resp, + int ret, res, sense_cat; + uint8_t rc_cdb[READ_CAPACITY_10_CMDLEN] = + {READ_CAPACITY_10_CMD, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + if (pmi) { /* lbs only valid when pmi set */ +@@ -262,7 +262,7 @@ sg_ll_mode_sense6(int sg_fd, bool dbd, int pc, int pg_code, int sub_pg_code, + int res, ret, sense_cat, resid; + uint8_t modes_cdb[MODE_SENSE6_CMDLEN] = + {MODE_SENSE6_CMD, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + modes_cdb[1] = (uint8_t)(dbd ? 0x8 : 0); +@@ -361,7 +361,7 @@ sg_ll_mode_sense10_v2(int sg_fd, bool llbaa, bool dbd, int pc, int pg_code, + struct sg_pt_base * ptvp; + uint8_t modes_cdb[MODE_SENSE10_CMDLEN] = + {MODE_SENSE10_CMD, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + + modes_cdb[1] = (uint8_t)((dbd ? 0x8 : 0) | (llbaa ? 0x10 : 0)); + modes_cdb[2] = (uint8_t)(((pc << 6) & 0xc0) | (pg_code & 0x3f)); +@@ -448,7 +448,7 @@ sg_ll_mode_select6_v2(int sg_fd, bool pf, bool rtd, bool sp, void * paramp, + int res, ret, sense_cat; + uint8_t modes_cdb[MODE_SELECT6_CMDLEN] = + {MODE_SELECT6_CMD, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + modes_cdb[1] = (uint8_t)((pf ? 0x10 : 0x0) | (sp ? 0x1 : 0x0)); +@@ -519,7 +519,7 @@ sg_ll_mode_select10_v2(int sg_fd, bool pf, bool rtd, bool sp, void * paramp, + int res, ret, sense_cat; + uint8_t modes_cdb[MODE_SELECT10_CMDLEN] = + {MODE_SELECT10_CMD, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + modes_cdb[1] = (uint8_t)((pf ? 0x10 : 0x0) | (sp ? 0x1 : 0x0)); +@@ -818,7 +818,7 @@ sg_ll_log_sense_v2(int sg_fd, bool ppc, bool sp, int pc, int pg_code, + int res, ret, sense_cat, resid; + uint8_t logs_cdb[LOG_SENSE_CMDLEN] = + {LOG_SENSE_CMD, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + if (mx_resp_len > 0xffff) { +@@ -902,7 +902,7 @@ sg_ll_log_select(int sg_fd, bool pcr, bool sp, int pc, int pg_code, + int res, ret, sense_cat; + uint8_t logs_cdb[LOG_SELECT_CMDLEN] = + {LOG_SELECT_CMD, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + if (param_len > 0xffff) { +@@ -973,7 +973,7 @@ sg_ll_start_stop_unit_com(struct sg_pt_base * ptvp, int sg_fd, bool immed, + bool local_cdb = true; + int res, ret, sense_cat; + uint8_t ssuBlk[START_STOP_CMDLEN] = {START_STOP_CMD, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + + if (immed) + ssuBlk[1] = 0x1; +@@ -1073,7 +1073,7 @@ sg_ll_prevent_allow(int sg_fd, int prevent, bool noisy, int verbose) + int res, ret, sense_cat; + uint8_t p_cdb[PREVENT_ALLOW_CMDLEN] = + {PREVENT_ALLOW_CMD, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + if ((prevent < 0) || (prevent > 3)) { +diff --git a/lib/sg_cmds_extra.c b/lib/sg_cmds_extra.c +index cbcc844..7d4f453 100644 +--- a/lib/sg_cmds_extra.c ++++ b/lib/sg_cmds_extra.c +@@ -125,7 +125,7 @@ sg_ll_get_lba_status16(int sg_fd, uint64_t start_llba, uint8_t rt, + static const char * const cdb_s = "Get LBA status(16)"; + int res, s_cat, ret; + uint8_t getLbaStatCmd[SERVICE_ACTION_IN_16_CMDLEN]; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + memset(getLbaStatCmd, 0, sizeof(getLbaStatCmd)); +@@ -202,7 +202,7 @@ sg_ll_get_lba_status32(int sg_fd, uint64_t start_llba, uint32_t scan_len, + static const char * const cdb_s = "Get LBA status(32)"; + int res, s_cat, ret; + uint8_t gls32_cmd[GLS32_CMD_LEN]; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + memset(gls32_cmd, 0, sizeof(gls32_cmd)); +@@ -281,7 +281,7 @@ sg_ll_report_tgt_prt_grp2(int sg_fd, void * resp, int mx_resp_len, + uint8_t rtpg_cdb[MAINTENANCE_IN_CMDLEN] = + {MAINTENANCE_IN_CMD, REPORT_TGT_PRT_GRP_SA, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + if (extended) +@@ -346,7 +346,7 @@ sg_ll_set_tgt_prt_grp(int sg_fd, void * paramp, int param_len, bool noisy, + uint8_t stpg_cdb[MAINTENANCE_OUT_CMDLEN] = + {MAINTENANCE_OUT_CMD, SET_TGT_PRT_GRP_SA, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + sg_put_unaligned_be32((uint32_t)param_len, stpg_cdb + 6); +@@ -402,7 +402,7 @@ sg_ll_report_referrals(int sg_fd, uint64_t start_llba, bool one_seg, + uint8_t repRef_cdb[SERVICE_ACTION_IN_16_CMDLEN] = + {SERVICE_ACTION_IN_16_CMD, REPORT_REFERRALS_SA, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + sg_put_unaligned_be64(start_llba, repRef_cdb + 2); +@@ -475,7 +475,7 @@ sg_ll_send_diag_com(struct sg_pt_base * ptvp, int sg_fd, int st_code, + int res, ret, s_cat, tmout; + uint8_t senddiag_cdb[SEND_DIAGNOSTIC_CMDLEN] = + {SEND_DIAGNOSTIC_CMD, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + + senddiag_cdb[1] = (uint8_t)(st_code << 5); + if (pf_bit) +@@ -593,7 +593,7 @@ sg_ll_receive_diag_com(struct sg_pt_base * ptvp, int sg_fd, bool pcv, + static const char * const cdb_s = "Receive diagnostic results"; + uint8_t rcvdiag_cdb[RECEIVE_DIAGNOSTICS_CMDLEN] = + {RECEIVE_DIAGNOSTICS_CMD, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + + if (pcv) + rcvdiag_cdb[1] = 0x1; +@@ -715,7 +715,7 @@ sg_ll_read_defect10(int sg_fd, bool req_plist, bool req_glist, int dl_format, + int res, ret, s_cat; + uint8_t rdef_cdb[READ_DEFECT10_CMDLEN] = + {READ_DEFECT10_CMD, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + rdef_cdb[2] = (dl_format & 0x7); +@@ -787,7 +787,7 @@ sg_ll_read_media_serial_num(int sg_fd, void * resp, int mx_resp_len, + uint8_t rmsn_cdb[SERVICE_ACTION_IN_12_CMDLEN] = + {SERVICE_ACTION_IN_12_CMD, READ_MEDIA_SERIAL_NUM_SA, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + sg_put_unaligned_be32((uint32_t)mx_resp_len, rmsn_cdb + 6); +@@ -851,7 +851,7 @@ sg_ll_report_id_info(int sg_fd, int itype, void * resp, int max_resp_len, + uint8_t rii_cdb[MAINTENANCE_IN_CMDLEN] = {MAINTENANCE_IN_CMD, + REPORT_IDENTIFYING_INFORMATION_SA, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + sg_put_unaligned_be32((uint32_t)max_resp_len, rii_cdb + 6); +@@ -917,7 +917,7 @@ sg_ll_set_id_info(int sg_fd, int itype, void * paramp, int param_len, + uint8_t sii_cdb[MAINTENANCE_OUT_CMDLEN] = {MAINTENANCE_OUT_CMD, + SET_IDENTIFYING_INFORMATION_SA, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + sg_put_unaligned_be32((uint32_t)param_len, sii_cdb + 6); +@@ -1000,7 +1000,7 @@ sg_ll_format_unit_v2(int sg_fd, int fmtpinfo, bool longlist, bool fmtdata, + int res, ret, s_cat, tmout; + uint8_t fu_cdb[FORMAT_UNIT_CMDLEN] = + {FORMAT_UNIT_CMD, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + if (fmtpinfo) +@@ -1069,7 +1069,7 @@ sg_ll_reassign_blocks(int sg_fd, bool longlba, bool longlist, void * paramp, + int res, ret, s_cat; + uint8_t reass_cdb[REASSIGN_BLKS_CMDLEN] = + {REASSIGN_BLKS_CMD, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + if (longlba) +@@ -1128,7 +1128,7 @@ sg_ll_persistent_reserve_in(int sg_fd, int rq_servact, void * resp, + int res, ret, s_cat; + uint8_t prin_cdb[PERSISTENT_RESERVE_IN_CMDLEN] = + {PERSISTENT_RESERVE_IN_CMD, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + if (rq_servact > 0) +@@ -1195,7 +1195,7 @@ sg_ll_persistent_reserve_out(int sg_fd, int rq_servact, int rq_scope, + int res, ret, s_cat; + uint8_t prout_cdb[PERSISTENT_RESERVE_OUT_CMDLEN] = + {PERSISTENT_RESERVE_OUT_CMD, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + if (rq_servact > 0) +@@ -1274,7 +1274,7 @@ sg_ll_read_long10(int sg_fd, bool pblock, bool correct, unsigned int lba, + static const char * const cdb_s = "read long(10)"; + int res, s_cat, ret; + uint8_t readLong_cdb[READ_LONG10_CMDLEN]; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + memset(readLong_cdb, 0, READ_LONG10_CMDLEN); +@@ -1366,7 +1366,7 @@ sg_ll_read_long16(int sg_fd, bool pblock, bool correct, uint64_t llba, + static const char * const cdb_s = "read long(16)"; + int res, s_cat, ret; + uint8_t readLong_cdb[SERVICE_ACTION_IN_16_CMDLEN]; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + memset(readLong_cdb, 0, sizeof(readLong_cdb)); +@@ -1459,7 +1459,7 @@ sg_ll_write_long10(int sg_fd, bool cor_dis, bool wr_uncor, bool pblock, + static const char * const cdb_s = "write long(10)"; + int res, s_cat, ret; + uint8_t writeLong_cdb[WRITE_LONG10_CMDLEN]; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + memset(writeLong_cdb, 0, WRITE_LONG10_CMDLEN); +@@ -1541,7 +1541,7 @@ sg_ll_write_long16(int sg_fd, bool cor_dis, bool wr_uncor, bool pblock, + static const char * const cdb_s = "write long(16)"; + int res, s_cat, ret; + uint8_t writeLong_cdb[SERVICE_ACTION_OUT_16_CMDLEN]; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + memset(writeLong_cdb, 0, sizeof(writeLong_cdb)); +@@ -1628,7 +1628,7 @@ sg_ll_verify10(int sg_fd, int vrprotect, bool dpo, int bytchk, + int res, ret, s_cat, slen; + uint8_t v_cdb[VERIFY10_CMDLEN] = + {VERIFY10_CMD, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + /* N.B. BYTCHK field expanded to 2 bits sbc3r34 */ +@@ -1709,7 +1709,7 @@ sg_ll_verify16(int sg_fd, int vrprotect, bool dpo, int bytchk, uint64_t llba, + int res, ret, s_cat, slen; + uint8_t v_cdb[VERIFY16_CMDLEN] = + {VERIFY16_CMD, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + /* N.B. BYTCHK field expanded to 2 bits sbc3r34 */ +@@ -1807,7 +1807,7 @@ sg_ll_ata_pt(int sg_fd, const uint8_t * cdbp, int cdb_len, + int k, res, slen, duration; + int ret = -1; + uint8_t apt_cdb[ATA_PT_32_CMDLEN]; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + uint8_t * sp; + const uint8_t * bp; + struct sg_pt_base * ptvp; +@@ -1962,7 +1962,7 @@ sg_ll_read_buffer(int sg_fd, int mode, int buffer_id, int buffer_offset, + int res, ret, s_cat; + uint8_t rbuf_cdb[READ_BUFFER_CMDLEN] = + {READ_BUFFER_CMD, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + rbuf_cdb[1] = (uint8_t)(mode & 0x1f); +@@ -2027,7 +2027,7 @@ sg_ll_write_buffer(int sg_fd, int mode, int buffer_id, int buffer_offset, + int res, ret, s_cat; + uint8_t wbuf_cdb[WRITE_BUFFER_CMDLEN] = + {WRITE_BUFFER_CMD, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + wbuf_cdb[1] = (uint8_t)(mode & 0x1f); +@@ -2098,7 +2098,7 @@ sg_ll_write_buffer_v2(int sg_fd, int mode, int m_specific, int buffer_id, + int res, ret, s_cat; + uint8_t wbuf_cdb[WRITE_BUFFER_CMDLEN] = + {WRITE_BUFFER_CMD, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + if (buffer_offset > 0xffffff) { +@@ -2182,7 +2182,7 @@ sg_ll_unmap_v2(int sg_fd, bool anchor, int group_num, int timeout_secs, + int res, ret, s_cat, tmout; + uint8_t u_cdb[UNMAP_CMDLEN] = + {UNMAP_CMD, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + if (anchor) +@@ -2240,7 +2240,7 @@ sg_ll_read_block_limits(int sg_fd, void * resp, int mx_resp_len, + int ret, res, s_cat; + uint8_t rl_cdb[READ_BLOCK_LIMITS_CMDLEN] = + {READ_BLOCK_LIMITS_CMD, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + if (vb) { +@@ -2301,7 +2301,7 @@ sg_ll_receive_copy_results(int sg_fd, int sa, int list_id, void * resp, + int res, ret, s_cat; + uint8_t rcvcopyres_cdb[THIRD_PARTY_COPY_IN_CMDLEN] = + {THIRD_PARTY_COPY_IN_CMD, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + char b[64]; + +@@ -2364,7 +2364,7 @@ sg_ll_extended_copy(int sg_fd, void * paramp, int param_len, bool noisy, + int res, ret, s_cat; + uint8_t xcopy_cdb[THIRD_PARTY_COPY_OUT_CMDLEN] = + {THIRD_PARTY_COPY_OUT_CMD, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + const char * cdb_s = "Extended copy (LID1)"; + +@@ -2424,7 +2424,7 @@ sg_ll_3party_copy_out(int sg_fd, int sa, unsigned int list_id, int group_num, + int res, ret, s_cat, tmout; + uint8_t xcopy_cdb[THIRD_PARTY_COPY_OUT_CMDLEN] = + {THIRD_PARTY_COPY_OUT_CMD, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + char cname[80]; + +@@ -2511,7 +2511,7 @@ sg_ll_pre_fetch_x(int sg_fd, bool do_seek10, bool cdb16, bool immed, + int res, s_cat, ret, cdb_len, tmout; + const char *cdb_s; + uint8_t preFetchCdb[PRE_FETCH16_CMDLEN]; /* all use longest cdb */ +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + memset(preFetchCdb, 0, sizeof(preFetchCdb)); +diff --git a/src/sg_bg_ctl.c b/src/sg_bg_ctl.c +index a1ca3f2..0e61d38 100644 +--- a/src/sg_bg_ctl.c ++++ b/src/sg_bg_ctl.c +@@ -93,7 +93,7 @@ sg_ll_background_control(int sg_fd, unsigned int bo_ctl, unsigned int bo_time, + uint8_t bcCDB[16] = {SG_SERVICE_ACTION_IN_16, + BACKGROUND_CONTROL_SA, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + if (bo_ctl) +diff --git a/src/sg_compare_and_write.c b/src/sg_compare_and_write.c +index e376202..0a30700 100644 +--- a/src/sg_compare_and_write.c ++++ b/src/sg_compare_and_write.c +@@ -355,7 +355,7 @@ sg_ll_compare_and_write(int sg_fd, uint8_t * buff, int blocks, + uint64_t ull = 0; + struct sg_pt_base * ptvp; + uint8_t cawCmd[COMPARE_AND_WRITE_CDB_SIZE]; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + + if (sg_build_scsi_cdb(cawCmd, blocks, lba, flags)) { + pr2serr(ME "bad cdb build, lba=0x%" PRIx64 ", blocks=%d\n", +diff --git a/src/sg_dd.c b/src/sg_dd.c +index 75430dd..2fa3750 100644 +--- a/src/sg_dd.c ++++ b/src/sg_dd.c +@@ -715,7 +715,7 @@ sg_read_low(int sg_fd, uint8_t * buff, int blocks, int64_t from_block, + int res, slen; + const uint8_t * sbp; + uint8_t rdCmd[MAX_SCSI_CDBSZ]; +- uint8_t senseBuff[SENSE_BUFF_LEN]; ++ uint8_t senseBuff[SENSE_BUFF_LEN] = {0}; + struct sg_io_hdr io_hdr; + + if (sg_build_scsi_cdb(rdCmd, ifp->cdbsz, blocks, from_block, do_verify, +@@ -1124,7 +1124,7 @@ sg_write(int sg_fd, uint8_t * buff, int blocks, int64_t to_block, + uint64_t io_addr = 0; + const char * op_str = do_verify ? "verifying" : "writing"; + uint8_t wrCmd[MAX_SCSI_CDBSZ]; +- uint8_t senseBuff[SENSE_BUFF_LEN]; ++ uint8_t senseBuff[SENSE_BUFF_LEN] = {0}; + struct sg_io_hdr io_hdr; + + if (sg_build_scsi_cdb(wrCmd, ofp->cdbsz, blocks, to_block, do_verify, +diff --git a/src/sg_format.c b/src/sg_format.c +index 0d9b318..b6620ab 100644 +--- a/src/sg_format.c ++++ b/src/sg_format.c +@@ -278,7 +278,7 @@ sg_ll_format_medium(int sg_fd, bool verify, bool immed, int format, + int ret, res, sense_cat; + uint8_t fm_cdb[SG_FORMAT_MEDIUM_CMDLEN] = + {SG_FORMAT_MEDIUM_CMD, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + if (verify) +@@ -343,7 +343,7 @@ sg_ll_format_with_preset(int sg_fd, bool immed, bool fmtmaxlba, + int ret, res, sense_cat; + uint8_t fwp_cdb[SG_FORMAT_WITH_PRESET_CMDLEN] = + {SG_FORMAT_WITH_PRESET_CMD, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + if (immed) +diff --git a/src/sg_get_elem_status.c b/src/sg_get_elem_status.c +index c60d984..ea5b7d0 100644 +--- a/src/sg_get_elem_status.c ++++ b/src/sg_get_elem_status.c +@@ -144,7 +144,7 @@ sg_ll_get_phy_elem_status(int sg_fd, uint32_t starting_elem, uint8_t filter, + uint8_t gpesCmd[16] = {SG_SERVICE_ACTION_IN_16, + GET_PHY_ELEM_STATUS_SA, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + static const char * const cmd_name = "Get physical element status"; + +diff --git a/src/sg_opcodes.c b/src/sg_opcodes.c +index ffa7823..9d90824 100644 +--- a/src/sg_opcodes.c ++++ b/src/sg_opcodes.c +@@ -195,7 +195,7 @@ do_rsoc(struct sg_pt_base * ptvp, bool rctd, int rep_opts, int rq_opcode, + int ret, res, sense_cat; + uint8_t rsoc_cdb[RSOC_CMD_LEN] = {SG_MAINTENANCE_IN, RSOC_SA, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + + if (rctd) + rsoc_cdb[2] |= 0x80; +@@ -259,7 +259,7 @@ do_rstmf(struct sg_pt_base * ptvp, bool repd, void * resp, int mx_resp_len, + int ret, res, sense_cat; + uint8_t rstmf_cdb[RSTMF_CMD_LEN] = {SG_MAINTENANCE_IN, RSTMF_SA, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + + if (repd) + rstmf_cdb[2] = 0x80; +diff --git a/src/sg_read.c b/src/sg_read.c +index cd10c2e..628e0d8 100644 +--- a/src/sg_read.c ++++ b/src/sg_read.c +@@ -296,7 +296,7 @@ sg_bread(int sg_fd, uint8_t * buff, int blocks, int64_t from_block, int bs, + bool no_dxfer) + { + uint8_t rdCmd[MAX_SCSI_CDBSZ]; +- uint8_t senseBuff[SENSE_BUFF_LEN]; ++ uint8_t senseBuff[SENSE_BUFF_LEN] = {0}; + struct sg_io_hdr io_hdr; + + if (sg_build_scsi_cdb(rdCmd, cdbsz, blocks, from_block, false, fua, +diff --git a/src/sg_read_attr.c b/src/sg_read_attr.c +index 87124d3..b0bcedb 100644 +--- a/src/sg_read_attr.c ++++ b/src/sg_read_attr.c +@@ -249,7 +249,7 @@ sg_ll_read_attr(int sg_fd, void * resp, int * residp, bool noisy, + uint8_t ra_cdb[SG_READ_ATTRIBUTE_CMDLEN] = + {SG_READ_ATTRIBUTE_CMD, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + ra_cdb[1] = 0x1f & op->sa; +diff --git a/src/sg_read_buffer.c b/src/sg_read_buffer.c +index e3dae42..93c32a5 100644 +--- a/src/sg_read_buffer.c ++++ b/src/sg_read_buffer.c +@@ -166,7 +166,7 @@ sg_ll_read_buffer_10(int sg_fd, int rb_mode, int rb_mode_sp, int rb_id, + int ret, res, sense_cat; + uint8_t rb10_cb[SG_READ_BUFFER_10_CMDLEN] = + {SG_READ_BUFFER_10_CMD, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + rb10_cb[1] = (uint8_t)(rb_mode & 0x1f); +@@ -234,7 +234,7 @@ sg_ll_read_buffer_16(int sg_fd, int rb_mode, int rb_mode_sp, int rb_id, + uint8_t rb16_cb[SG_READ_BUFFER_16_CMDLEN] = + {SG_READ_BUFFER_16_CMD, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + rb16_cb[1] = (uint8_t)(rb_mode & 0x1f); +diff --git a/src/sg_rep_pip.c b/src/sg_rep_pip.c +index f800d81..2f6127e 100644 +--- a/src/sg_rep_pip.c ++++ b/src/sg_rep_pip.c +@@ -102,7 +102,7 @@ sg_ll_report_pip(int sg_fd, void * resp, int mx_resp_len, int * residp, + uint8_t rz_cdb[SG_MAINT_IN_CMDLEN] = + {SG_MAINTENANCE_IN, REPORT_PROVISIONING_INITIALIZATION_PATTERN_SA, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + sg_put_unaligned_be32((uint32_t)mx_resp_len, rz_cdb + 6); +diff --git a/src/sg_rep_zones.c b/src/sg_rep_zones.c +index 7453ee2..2e719e7 100644 +--- a/src/sg_rep_zones.c ++++ b/src/sg_rep_zones.c +@@ -191,7 +194,7 @@ sg_ll_report_zzz(int sg_fd, int serv_act, uint64_t zs_lba, bool partial, + uint8_t rz_cdb[SG_ZONING_IN_CMDLEN] = + {SG_ZONING_IN, REPORT_ZONES_SA, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + rz_cdb[1] = serv_act; +diff --git a/src/sg_requests.c b/src/sg_requests.c +index a0afd36..ee0c038 100644 +--- a/src/sg_requests.c ++++ b/src/sg_requests.c +@@ -152,7 +152,7 @@ main(int argc, char * argv[]) + char b[256]; + uint8_t rs_cdb[REQUEST_SENSE_CMDLEN] = + {REQUEST_SENSE_CMD, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + #ifndef SG_LIB_MINGW + bool do_time = false; + struct timeval start_tm, end_tm; +diff --git a/src/sg_reset_wp.c b/src/sg_reset_wp.c +index 3a99a72..f3e76b3 100644 +--- a/src/sg_reset_wp.c ++++ b/src/sg_reset_wp.c +@@ -88,7 +88,7 @@ sg_ll_reset_write_pointer(int sg_fd, uint64_t zid, uint16_t zc, bool all, + int ret, res, sense_cat; + uint8_t rwp_cdb[SG_ZONING_OUT_CMDLEN] = {SG_ZONING_OUT, + RESET_WRITE_POINTER_SA, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + sg_put_unaligned_be64(zid, rwp_cdb + 2); +diff --git a/src/sg_sanitize.c b/src/sg_sanitize.c +index 6865e46..ade9be7 100644 +--- a/src/sg_sanitize.c ++++ b/src/sg_sanitize.c +@@ -185,7 +185,7 @@ do_sanitize(int sg_fd, const struct opts_t * op, const void * param_lstp, + bool immed; + int ret, res, sense_cat, timeout; + uint8_t san_cdb[SANITIZE_OP_LEN]; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + if (op->early || op->wait) +diff --git a/src/sg_stream_ctl.c b/src/sg_stream_ctl.c +index 3f1ff84..eede6e8 100644 +--- a/src/sg_stream_ctl.c ++++ b/src/sg_stream_ctl.c +@@ -116,7 +116,7 @@ sg_ll_get_stream_status(int sg_fd, uint16_t s_str_id, uint8_t * resp, + int k, ret, res, sense_cat; + uint8_t gssCdb[16] = {SG_SERVICE_ACTION_IN_16, + GET_STREAM_STATUS_SA, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + static const char * const cmd_name = "Get stream status"; + +@@ -184,7 +184,7 @@ sg_ll_stream_control(int sg_fd, uint32_t str_ctl, uint16_t str_id, + int k, ret, res, sense_cat; + uint8_t scCdb[16] = {SG_SERVICE_ACTION_IN_16, + STREAM_CONTROL_SA, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + static const char * const cmd_name = "Stream control"; + +diff --git a/src/sg_sync.c b/src/sg_sync.c +index 751b25c..1a8eebf 100644 +--- a/src/sg_sync.c ++++ b/src/sg_sync.c +@@ -101,7 +101,7 @@ sg_ll_sync_cache_16(int sg_fd, bool sync_nv, bool immed, int group, + uint8_t sc_cdb[SYNCHRONIZE_CACHE16_CMDLEN] = + {SYNCHRONIZE_CACHE16_CMD, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + if (sync_nv) +diff --git a/src/sg_timestamp.c b/src/sg_timestamp.c +index 58f1297..b9da385 100644 +--- a/src/sg_timestamp.c ++++ b/src/sg_timestamp.c +@@ -197,7 +197,7 @@ sg_ll_rep_timestamp(int sg_fd, void * resp, int mx_resp_len, int * residp, + int k, ret, res, sense_cat; + uint8_t rt_cdb[REP_TIMESTAMP_CMDLEN] = + {SG_MAINTENANCE_IN, REP_TIMESTAMP_SA, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + sg_put_unaligned_be32((uint32_t)mx_resp_len, rt_cdb + 6); +@@ -260,7 +260,7 @@ sg_ll_set_timestamp(int sg_fd, void * paramp, int param_len, bool noisy, + uint8_t st_cdb[SET_TIMESTAMP_CMDLEN] = + {SG_MAINTENANCE_OUT, SET_TIMESTAMP_SA, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + sg_put_unaligned_be32(param_len, st_cdb + 6); +diff --git a/src/sg_write_same.c b/src/sg_write_same.c +index bfbfdca..e2213fb 100644 +--- a/src/sg_write_same.c ++++ b/src/sg_write_same.c +@@ -169,8 +169,8 @@ do_write_same(int sg_fd, const struct opts_t * op, const void * dataoutp, + { + int ret, res, sense_cat, cdb_len; + uint64_t llba; +- uint8_t ws_cdb[WRITE_SAME32_LEN]; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t ws_cdb[WRITE_SAME32_LEN] = {0}; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + cdb_len = op->pref_cdb_size; +@@ -194,7 +194,6 @@ do_write_same(int sg_fd, const struct opts_t * op, const void * dataoutp, + } + if (act_cdb_lenp) + *act_cdb_lenp = cdb_len; +- memset(ws_cdb, 0, sizeof(ws_cdb)); + switch (cdb_len) { + case WRITE_SAME10_LEN: + ws_cdb[0] = WRITE_SAME10_OP; +diff --git a/src/sg_write_verify.c b/src/sg_write_verify.c +index 1303020..384899b 100644 +--- a/src/sg_write_verify.c ++++ b/src/sg_write_verify.c +@@ -129,7 +129,7 @@ run_scsi_transaction(int sg_fd, const uint8_t *cdbp, int cdb_len, + { + int res, sense_cat, ret; + struct sg_pt_base * ptvp; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + char b[32]; + + snprintf(b, sizeof(b), "Write and verify(%d)", cdb_len); +diff --git a/src/sg_write_x.c b/src/sg_write_x.c +index 504fe26..18d1e7e 100644 +--- a/src/sg_write_x.c ++++ b/src/sg_write_x.c +@@ -1053,7 +1053,7 @@ do_write_x(int sg_fd, const void * dataoutp, int dout_len, + { + int k, ret, res, sense_cat, cdb_len, vb, err; + uint8_t x_cdb[WRITE_X_32_LEN]; /* use for both lengths */ +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_pt_base * ptvp; + + memset(x_cdb, 0, sizeof(x_cdb)); +diff --git a/src/sg_zone.c b/src/sg_zone.c +index f47e6f6..ff4dc36 100644 +--- a/src/sg_zone.c ++++ b/src/sg_zone.c +@@ -133,7 +133,7 @@ sg_ll_zone_out(int sg_fd, int sa, uint64_t zid, uint16_t zc, bool all, + struct sg_pt_base * ptvp; + uint8_t zo_cdb[SG_ZONING_OUT_CMDLEN] = + {SG_ZONING_OUT, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + char b[64]; + + zo_cdb[1] = 0x1f & sa; +diff --git a/src/sginfo.c b/src/sginfo.c +index ba094dc..51a312a 100644 +--- a/src/sginfo.c ++++ b/src/sginfo.c +@@ -393,7 +393,7 @@ struct scsi_cmnd_io + static int + do_scsi_io(struct scsi_cmnd_io * sio) + { +- uint8_t sense_b[SENSE_BUFF_LEN]; ++ uint8_t sense_b[SENSE_BUFF_LEN] = {0}; + struct sg_io_hdr io_hdr; + struct sg_scsi_sense_hdr ssh; + int res; +diff --git a/src/sgm_dd.c b/src/sgm_dd.c +index 4909c82..e95fca9 100644 +--- a/src/sgm_dd.c ++++ b/src/sgm_dd.c +@@ -471,7 +471,7 @@ sg_read(int sg_fd, uint8_t * buff, int blocks, int64_t from_block, + bool print_cdb_after = false; + int res; + uint8_t rdCmd[MAX_SCSI_CDBSZ]; +- uint8_t senseBuff[SENSE_BUFF_LEN]; ++ uint8_t senseBuff[SENSE_BUFF_LEN] = {0}; + struct sg_io_hdr io_hdr; + + if (sg_build_scsi_cdb(rdCmd, cdbsz, blocks, from_block, false, fua, +@@ -568,7 +568,7 @@ sg_write(int sg_fd, uint8_t * buff, int blocks, int64_t to_block, + bool print_cdb_after = false; + int res; + uint8_t wrCmd[MAX_SCSI_CDBSZ]; +- uint8_t senseBuff[SENSE_BUFF_LEN]; ++ uint8_t senseBuff[SENSE_BUFF_LEN] = {0}; + struct sg_io_hdr io_hdr; + + if (sg_build_scsi_cdb(wrCmd, cdbsz, blocks, to_block, true, fua, dpo)) { diff --git a/sg3_utils.spec b/sg3_utils.spec index 8696547..9d29227 100644 --- a/sg3_utils.spec +++ b/sg3_utils.spec @@ -4,12 +4,27 @@ Summary: Utilities for devices that use SCSI command sets Name: sg3_utils Version: 1.47 -Release: 6%{?dist} +Release: 7%{?dist} License: GPLv2+ and BSD URL: https://sg.danny.cz/sg/sg3_utils.html Source0: https://sg.danny.cz/sg/p/sg3_utils-%{version}.tar.xz Source2: scsi-rescan.8 +# https://bugzilla.redhat.com/show_bug.cgi?id=2044433 +# Covscan fixes +Patch0: sg3_utils-1.48-initialize_sense_buffers.patch +Patch1: sg3_utils-1.48-covscan_fixes.patch +# https://bugzilla.redhat.com/show_bug.cgi?id=2036718 +# sg_readcap man page contains duplicate -R options +Patch2: sg_readcap-man.patch +# https://bugzilla.redhat.com/show_bug.cgi?id=2035382 +# rescan-scsi-bus.sh output shows tab (\t) and newline (\n) characters in output +Patch3: rescan-scsi-bus_printf.patch +# https://bugzilla.redhat.com/show_bug.cgi?id=2036005 +# https://bugzilla.redhat.com/show_bug.cgi?id=2035362 +# rescan-scsi-bus.sh with "-r" switch deletes all scsi devices, especially boot disk which causes the system to hang +Patch4: rescan-scsi-bus_sg_inq-parse.patch + Requires: %{name}-libs%{?_isa} = %{version}-%{release} BuildRequires: make BuildRequires: gcc @@ -105,6 +120,12 @@ install -p -m 755 scripts/fc_wwpn_id $RPM_BUILD_ROOT%{_udevlibdir} %changelog +* Thu Jan 27 2022 Tomas Bzatek - 1.47-7 +- Fix sg_inq parsing in rescan-scsi-bus.sh (#2036005,#2035362) +- Fix rescan-scsi-bus.sh summary print (#2035382) +- sg_readcap --zbc man page switch fix (#2036718) +- Various Covscan fixes (#2044433) + * Mon Nov 15 2021 Tomas Bzatek - 1.47-6 - update to stable version 1.47 (svn: r919) (#2011810) diff --git a/sg_readcap-man.patch b/sg_readcap-man.patch new file mode 100644 index 0000000..1179c26 --- /dev/null +++ b/sg_readcap-man.patch @@ -0,0 +1,25 @@ +From 975c80c40b7e4244de94acc95144d81f80e08cb1 Mon Sep 17 00:00:00 2001 +From: Tomas Bzatek +Date: Mon, 17 Jan 2022 14:50:27 +0100 +Subject: [PATCH] man: Fix sg_readcap -z argument in the old options + +--- + doc/sg_readcap.8 | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/doc/sg_readcap.8 b/doc/sg_readcap.8 +index fa2afd3..d936ef9 100644 +--- a/doc/sg_readcap.8 ++++ b/doc/sg_readcap.8 +@@ -178,7 +178,7 @@ and '\-vvv' are also accepted yielding greater verbosity. + \fB\-V\fR + outputs version string then exits. + .TP +-\fB\-R\fR ++\fB\-z\fR + Equivalent to \fI\-\-zbc\fR in the main description. + .SH ENVIRONMENT VARIABLES + Since sg3_utils version 1.23 the environment variable SG3_UTILS_OLD_OPTS +-- +2.34.1 +