UB in uses of struct nd_cmd_pkg

[crrodriguez]

struct nd_cmd_pkg contains a flexible array at the end

ndctl/ndctl/ndctl.h

Lines 240 to 248 in 4f7a1c6

	struct nd_cmd_pkg {
	__u64 nd_family; /* family of commands */
	__u64 nd_command;
	__u32 nd_size_in; /* INPUT: size of input args */
	__u32 nd_size_out; /* INPUT: size of payload */
	__u32 nd_reserved2[9]; /* reserved must be zero */
	__u32 nd_fw_size; /* OUTPUT: size fw wants to return */
	unsigned char nd_payload[]; /* Contents of call */
	};

but it is then used across the source code at the beggining or the middle of other structures. it must only go at the end, otherwise is undefined what happens to nd_payload.. GCC tolerates this code but it is still unspecified if it will step into someone else's toes or what..

build with -Werror=flex-array-member-not-at-end to test.

[AlisonSchofield]

Thanks for the report!

Please take a look at fix posted here:
https://lore.kernel.org/nvdimm/20260106035209.322010-1-alison.schofield@intel.com/

[crrodriguez]

patch posted looks ok to me.