qcacld-2.0: Fix array out-of-bounds & integer underflow in _iw_set_genie
'wrqu->data.length' holds the total number of IE data buffer.
Add a check to make sure the number of remaining data to be read is
greater than or equal to IE length.
Also, advance the buffer pointer to point to the next element only
if next element is present.
FPII-2838: Information disclosure vulnerability in Qualcomm Wi-Fi driver (device specific) CVE-2017-0461A-32073794 QC-CR#1100132
FPIIM-399
Change-Id: Iacd98fd53a905a075759db84537e2c8888dab6b6
1 file changed