android_kernel_zuk_msm8996.git

diff options

author	Pragaspathi Thilagaraj <tpragasp@codeaurora.org>	2019-12-05 19:55:28 +0530
committer	Gerrit - the friendly Code Review server <code-review@localhost>	2019-12-28 08:40:06 -0800
commit	df3267d03f18febbc3b9e5de6c1647133f11646e (patch)
tree	55898ba863496a89d50d45c958ab4aea2e305618 /scripts/gdb/linux/dmesg.py
parent	6575337359b744d3d7f08500dbc9e5707a3f770f (diff)

qcacld-3.0: Fix integer overflow in rrm_fill_beacon_ies()

In function rrm_fill_beacon_ies, the total IE length is calculated as sum of length field of the IE and 2 (element id 1 byte and IE length field 1 byte). The total IE length is defined of type uint16_t and will overflow if the *(pBcnIes + 1)=0xfe. Validate the len against total IE length to avoid overflow. Change-Id: If8f86952ce43c5923906fc6ef18705f1785c5d88 CRs-Fixed: 2573329

Diffstat (limited to 'scripts/gdb/linux/dmesg.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: