10ff2ff9ed34dae7538a2b0b630f55ad3a3de9fd - platform/vendor/qcom-opensource/wlan/qcacld-3.0

commit	10ff2ff9ed34dae7538a2b0b630f55ad3a3de9fd	[log] [tgz]
author	jitiphil <jitiphil@codeaurora.org>	Thu Apr 05 23:53:10 2018 +0530
committer	nshrivas <nshrivas@codeaurora.org>	Thu Apr 26 13:12:04 2018 -0700
tree	fea52b2ecae50b9d8c0ff07527e84267568464f8
parent	ad681bd9444b83a9ef8241cfbae75b05c325d398 [diff]

qcacld-3.0: Fix buffer overflow in htt_t2h_msg_handler_fast

Currently variable "num_mpdu_ranges" is from message, which is used
directly without any validation which causes buffer over-write.

To avoid buffer over-write add check for the valid num_mpdu_ranges

Change-Id: I54e138d4bd63cbe7a0ae4faf0fe9d8e59ca92c71
CRs-Fixed: 2213655

core/dp/htt/htt_t2h.c[diff]

1 file changed

tree: fea52b2ecae50b9d8c0ff07527e84267568464f8

components/
core/
uapi/
Android.mk
Kbuild
Kconfig
Makefile
README.txt