rtlwifi: Fix potential overflow on P2P code - android_kernel_xiaomi_sdm660.git - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Laura Abbott <labbott@redhat.com>	2019-10-18 07:43:21 -0400
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2019-11-06 12:09:22 +0100
commit	3da8d0e777fa8a0934a288b115373cf12d7800f8 (patch)
tree	71003fb150e59963b4a91468a459b533046233c7 /samples/kfifo
parent	1cdb53607683a4fa8625a3f3eb65e5d9f4572166 (diff)

rtlwifi: Fix potential overflow on P2P code

commit 8c55dedb795be8ec0cf488f98c03a1c2176f7fb1 upstream. Nicolas Waisman noticed that even though noa_len is checked for a compatible length it's still possible to overrun the buffers of p2pinfo since there's no check on the upper bound of noa_num. Bound noa_num against P2P_MAX_NOA_NUM. Reported-by: Nicolas Waisman <nico@semmle.com> Signed-off-by: Laura Abbott <labbott@redhat.com> Acked-by: Ping-Ke Shih <pkshih@realtek.com> Signed-off-by: Kalle Valo <kvalo@codeaurora.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Diffstat (limited to 'samples/kfifo')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: