commit | 0b1da04c883406f01a20933cdbf7330d342bb58f | [log] [tgz] |
---|---|---|
author | Abhinav Kumar <abhikuma@codeaurora.org> | Mon Sep 17 18:07:27 2018 +0530 |
committer | nshrivas <nshrivas@codeaurora.org> | Thu Oct 11 14:02:06 2018 -0700 |
tree | 8ecb61713342b0b9f1c66550fd75b0bd6d2fa146 | |
parent | f7e1fe1799c0c9b8a2b4c0ceef795aba7ab5cf4e [diff] |
qcacld-3.0: Fix possible OOB read in proc_dnld_rsp In proc_dnld_rsp, pHdr->sBufSize is coming from fw message which could not be trusted. Before its use it should proc_dnld_rsp should verify it against its max allowed size (UINT_MAX). Fix is to add a sanity check for pHdr->sBufSize against UINT_MAX before its use. Change-Id: I6ec970483af860d5e42d6adac640274743f44f1a CRs-Fixed: 2308333