From 5a71f7c06898582015b1f5fe8c5cc754577d893e Mon Sep 17 00:00:00 2001
From: Adam Rutkowski <adam.j.rutkowski@intel.com>
Date: Mon, 27 Jun 2022 14:49:38 +0200
Subject: [PATCH] validate uuid->size in ocf_volume_init

Optional uuid parameter to ocf_volume_init() points to UUID object
initialized by the user. We should verify it is not excesively large
as we attempt to allocate a buffer to store a copy of the UUID.

Signed-off-by: Adam Rutkowski <adam.j.rutkowski@intel.com>
---
 src/ocf_volume.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/ocf_volume.c b/src/ocf_volume.c
index 5f9fa22..bf64ec2 100644
--- a/src/ocf_volume.c
+++ b/src/ocf_volume.c
@@ -93,6 +93,9 @@ int ocf_volume_init(ocf_volume_t volume, ocf_volume_type_t type,
 	if (!volume || !type)
 		return -OCF_ERR_INVAL;
 
+	if (uuid && uuid->size > OCF_VOLUME_UUID_MAX_SIZE)
+		return -OCF_ERR_INVAL;
+
 	priv_size = type->properties->volume_priv_size;
 	volume->priv = env_zalloc(priv_size, ENV_MEM_NORMAL);
 	if (!volume->priv)