android_kernel_zuk_msm8996.git

diff options

author	tinlin <tinlin@codeaurora.org>	2018-10-16 14:06:21 +0800
committer	Gerrit - the friendly Code Review server <code-review@localhost>	2018-10-23 18:57:49 -0700
commit	51491603216f8ea76dd46439977edda6d9b179e8 (patch)
tree	58e706b527afcafe23b7f3c2b94ed9d00af4a520 /tools/perf/scripts/python
parent	ca2722a14d1d8828a51e2592df3fa3f757af7290 (diff)

qcacld-2.0: Fix out-of-bounds access in limProcessAssocReqFrame

Propagation from cld3.0 to cld2.0. Currently the function limProcessAssocReqFrame uses framelen without validation to parse the IE buffer which could lead to out-of-bounds memory access if the framelen is less than or equal to LIM_ASSOC_REQ_IE_OFFSET(4). Add check to validate the frame_len with LIM_ASSOC_REQ_IE_OFFSET before sending frame_len - LIM_ASSOC_REQ_IE_OFFSET to cfg_get_vendor_ie_ptr_from_oui to parse the only IE buffer. Change-Id: Iaa9e8db4a2605169c9ad3904878a2e626eb6de8b CRs-Fixed: 2333905

Diffstat (limited to 'tools/perf/scripts/python')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: