| commit | 3d7f6623f4a74756d6fe1820cfbd73a380068bb7 | [log] [tgz] |
|---|---|---|
| author | Vignesh Viswanathan <viswanat@codeaurora.org> | Fri Sep 15 17:45:58 2017 +0530 |
| committer | Vignesh Viswanathan <viswanat@codeaurora.org> | Tue Nov 07 19:34:33 2017 +0530 |
| tree | 64ab5d31f76137111d3619558e94052b62a07ae1 | |
| parent | 8bb90caf194a1b56ac60d7421f30ae49493d9a3d [diff] |
wlan: Fix out-of-bounds access in limProcessActionFrameNoSession Currently in the function limProcessActionFrameNoSession, mem_cmp is done on the received frame pointer without validating the frame_len which could lead to out-of-bounds memory access if the frame_len is not matching the size of action_hdr. Add check to validate the frame_len with action_hdr size before doing mem_cmp for the p2p oui. Change-Id: I39329d1a9ef45614d3c617db11a7a7f5ec2aaaec CRs-Fixed: 2110756