Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-5.4 / 8f586a59829bbbab06241d2d6517dfa32a0cb18e
commit8f586a59829bbbab06241d2d6517dfa32a0cb18e[log] [tgz]
authorLee Gibson <leegib@gmail.com>Mon Mar 01 13:26:48 2021 +0000
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>Wed Mar 17 17:03:54 2021 +0100
treeb068554a86f02b5e5a73764a7f13952a2dc9dbbd
parent9fe42273b2c6bbd98b031fa93a6fa9ab2e99f121 [diff]
staging: rtl8712: Fix possible buffer overflow in r8712_sitesurvey_cmd

commit b93c1e3981af19527beee1c10a2bef67a228c48c upstream.

Function r8712_sitesurvey_cmd calls memcpy without checking the length.
A user could control that length and trigger a buffer overflow.
Fix by checking the length is within the maximum allowed size.

Signed-off-by: Lee Gibson <leegib@gmail.com>
Link: https://lore.kernel.org/r/20210301132648.420296-1-leegib@gmail.com
Cc: stable <stable@vger.kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
1 file changed
tree: b068554a86f02b5e5a73764a7f13952a2dc9dbbd
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. LICENSES/
  14. mm/
  15. net/
  16. samples/
  17. scripts/
  18. security/
  19. sound/
  20. tools/
  21. usr/
  22. virt/
  23. .clang-format
  24. .cocciconfig
  25. .get_maintainer.ignore
  26. .gitattributes
  27. .gitignore
  28. .mailmap
  29. COPYING
  30. CREDITS
  31. Kbuild
  32. Kconfig
  33. MAINTAINERS
  34. Makefile
  35. README