Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / vendor / qcom-opensource / wlan / qcacld-3.0 / 170d287f1dfbc6b4327f00d77028de2d83d28dd8
commit170d287f1dfbc6b4327f00d77028de2d83d28dd8[log] [tgz]
authorDundi Raviteja <dundi@codeaurora.org>Fri Mar 23 15:49:54 2018 +0530
committernshrivas <nshrivas@codeaurora.org>Thu Mar 29 18:57:20 2018 -0700
treed192562e797dabd1ceb171f0e45853e945d31fa3
parentbfe1433bb2c98f36e4aa602a079e063dcc16aede [diff]
qcacld-3.0: Fix buf overflow in __wlan_hdd_cfg80211_update_connect_params

Currently, number of bytes being copied into keyname_nai buffer is
key_nai_length, which can be greater than FILS_MAX_KEYNAME_NAI_LENGTH.
But the size of keyname_nai is limited to FILS_MAX_KEYNAME_NAI_LENGTH,
which may cause buffer overflow.

To address this issue, add check for key_nai_length against
FILS_MAX_KEYNAME_NAI_LENGTH to ensure buffer overflow does not happen.

Change-Id: I88c89b1fef6fdb1c4bd93e0fb8f3e54634b4940f
CRs-Fixed: 2208881
1 file changed
tree: d192562e797dabd1ceb171f0e45853e945d31fa3
  1. components/
  2. core/
  3. uapi/
  4. Android.mk
  5. Kbuild
  6. Kconfig
  7. Makefile
  8. README.txt