| commit | b4d4472ba17e1346ea5170b4296d624451fa13d5 | [log] [tgz] |
|---|---|---|
| author | gaurank kathpalia <gkathpal@codeaurora.org> | Wed Jul 04 11:32:47 2018 +0530 |
| committer | nshrivas <nshrivas@codeaurora.org> | Thu Jul 05 12:44:04 2018 -0700 |
| tree | 32737f18a6eaf71211f387efb2d0cdba75948161 | |
| parent | e92137eb7e8e27d33eb7371e1bfb37b184fac773 [diff] |
qcacld-3.0: Fix possible buffer over-read condition In the API csr_roam_roaming_state_reassoc_rsp_processor the driver extracts pNeighborRoamInfo from pMac, but it may happen the session id is greater than CSR_ROAM_SESSION_MAX which results in a out of bound access of memory. Fix is to have a max check of session ID and then extract pNeighborRoamInfo from that session. Change-Id: If3fb98fa278562abe40137ffead8ff4f85b40b1f CRs-Fixed: 2259229