commit | ab6c10d3bdba099b456886aa44ceb0ebdaebb799 | [log] [tgz] |
---|---|---|
author | Harprit Chhabada <harpritchhabada@codeaurora.org> | Wed Oct 31 10:52:34 2018 -0700 |
committer | nshrivas <nshrivas@codeaurora.org> | Tue Nov 06 16:16:11 2018 -0800 |
tree | ade93562e9ddab4c46ac1f7735cc02b4fff6c7f5 | |
parent | dc949c59bea39fc3042944b112afbe192a48f2ba [diff] |
qcacmn: Fix OOB read in util_scan_gen_scan_entry qdf_mem_copy() is called in util_scan_gen_scan_entry() to copy the ssid into scan_entry using a length of WLAN_SSID_MAX_LEN. Because the length of ssid is only checked against the maximum value this will result in an OOB read of up to WLAN_SSID_MAX_LEN bytes. Change-Id: I150e7c7a75e7134cab1c4abeb799578166400461 CRs-Fixed: 2341004