android_kernel_zuk_msm8996.git

diff options

author	Abhishek Ambure <aambure@codeaurora.org>	2019-12-26 15:21:15 +0530
committer	Gerrit - the friendly Code Review server <code-review@localhost>	2020-12-23 00:28:18 -0800
commit	0d07446f94efbde621e41585bf85bc01d11d6f99 (patch)
tree	c2887eaf10a47ea79e03a34a19c1b78f7da99e55 /net/unix/af_unix.c
parent	3c2abac79c699b884d3d8090e1d3652b01b3cc8e (diff)

qcacld-3.0: Add max index check for dscp_to_up_map array

In SME layer, boundary check for dscp_to_up_map array is not present. The dscpmapping is an array of 0x40 elements. Values in dscp_exceptions are used to index dscpmapping. The indices are not validated to be less than 0x40. The dscp_exceptions array is received from association response frame. A malicious AP can send values up to 0xff, causing OOB write of dscpmapping array. Hence, max index check is added to avoid OOB write of dscpmapping array. Change-Id: I73526849677e867673fc0bd0024ed2b003e4f89e CRs-Fixed: 2569764

Diffstat (limited to 'net/unix/af_unix.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: