Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit f6c9dee0 authored by Laura Abbott's avatar Laura Abbott Committed by shaohanlin
Browse files

rtlwifi: Fix potential overflow on P2P code 



commit 8c55dedb795be8ec0cf488f98c03a1c2176f7fb1 upstream.

Nicolas Waisman noticed that even though noa_len is checked for
a compatible length it's still possible to overrun the buffers
of p2pinfo since there's no check on the upper bound of noa_num.
Bound noa_num against P2P_MAX_NOA_NUM.

Bug: 142967706
Reported-by: default avatarNicolas Waisman <nico@semmle.com>
Signed-off-by: default avatarLaura Abbott <labbott@redhat.com>
Acked-by: default avatarPing-Ke Shih <pkshih@realtek.com>
Signed-off-by: default avatarKalle Valo <kvalo@codeaurora.org>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@google.com>
Change-Id: I90a9b285feb50b6b5c30e242756d47848902b634
(cherry picked from commit ee33af324931688a75bcc741f1b6cfbeb4584596)
parent f9dc8090
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment