summaryrefslogtreecommitdiff
path: root/scripts/gdb/linux/symbols.py
diff options
context:
space:
mode:
authorDundi Raviteja <dundi@codeaurora.org>2018-10-30 12:20:10 +0530
committernshrivas <nshrivas@codeaurora.org>2018-11-09 22:06:36 -0800
commit5d5bfb17beb458a6ec652fd5fde6c2afe9738c93 (patch)
treec995698fc9c7b0532d6c038f6f4b25bc3939caa1 /scripts/gdb/linux/symbols.py
parent837d92ca979c95138858ac70557b2fc55b8898c4 (diff)
qcacld-3.0: Possible OOB access in wlan_hdd_cfg80211_start_bss()
In wlan_hdd_cfg80211_start_bss(), beacon head buffer is typecast to ieee80211_mgmt structure without checking for buffer length against beacon header length which may cause OOB access while accessing iee80211_mgmt structure. To address this, add check for beacon head length against beacon header length before typecasting to iee80211_mgmt structure. Also while accessing supported rates, length given to function wlan_hdd_cfg80211_get_ie_ptr() is the total length of management frame that also includes header length which may cause OOB access while getting supported rates. To address this, send only beacon data length and exclude header length to function wlan_hdd_cfg80211_get_ie_ptr(). Change-Id: I442b236e48c3be8cbd8019c5c339593f9aa74e3e CRs-Fixed: 2335957
Diffstat (limited to 'scripts/gdb/linux/symbols.py')
0 files changed, 0 insertions, 0 deletions
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-22 09:02:41 +0000