From 32fb022a41cc51edf93fb3fa74080f2325904d19 Mon Sep 17 00:00:00 2001
From: Uwe Seimet <48174652+uweseimet@users.noreply.github.com>
Date: Mon, 14 Mar 2022 01:46:43 +0100
Subject: [PATCH] Updated MODE SENSE error handling in case of an overflow
 (#732)

* Updated MODE SENSE error handling

* Updated range check
---
 src/raspberrypi/devices/disk.cpp | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/src/raspberrypi/devices/disk.cpp b/src/raspberrypi/devices/disk.cpp
index db14051f..f21e6da5 100644
--- a/src/raspberrypi/devices/disk.cpp
+++ b/src/raspberrypi/devices/disk.cpp
@@ -459,6 +459,11 @@ int Disk::ModeSense6(const DWORD *cdb, BYTE *buf)
 	}
 	size += pages_size;
 
+	if (size > 255) {
+		SetStatusCode(STATUS_INVALIDPRM);
+		return 0;
+	}
+
 	// Do not return more than ALLOCATION LENGTH bytes
 	if (size > length) {
 		size = length;
@@ -541,6 +546,11 @@ int Disk::ModeSense10(const DWORD *cdb, BYTE *buf, int max_length)
 	}
 	size += pages_size;
 
+	if (size > 65535) {
+		SetStatusCode(STATUS_INVALIDPRM);
+		return 0;
+	}
+
 	// Do not return more than ALLOCATION LENGTH bytes
 	if (size > length) {
 		size = length;