android_kernel_zuk_msm8996.git

diff options

author	Qing Xu <m1s5p6688@gmail.com>	2020-01-02 10:39:26 +0800
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2020-02-14 16:30:02 -0500
commit	91b836b01c788932d86a448d26561740d22e7c9b (patch)
tree	6650213c7cc06b5da482d616d02c52843059d392 /crypto/algapi.c
parent	c6d00f4ce816263a293337bfea34570f61dd2c6b (diff)

mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status()

[ Upstream commit 3a9b153c5591548612c3955c9600a98150c81875 ] mwifiex_ret_wmm_get_status() calls memcpy() without checking the destination size.Since the source is given from remote AP which contains illegal wmm elements , this may trigger a heap buffer overflow. Fix it by putting the length check before calling memcpy(). Signed-off-by: Qing Xu <m1s5p6688@gmail.com> Signed-off-by: Kalle Valo <kvalo@codeaurora.org> Signed-off-by: Sasha Levin <sashal@kernel.org>

Diffstat (limited to 'crypto/algapi.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: