Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / vendor / qcom-opensource / wlan / qcacld-3.0 / dd93cbca9eac0aa27ba043036f46f8a3c016c58b
commitdd93cbca9eac0aa27ba043036f46f8a3c016c58b[log] [tgz]
authorMukul Sharma <mukul@codeaurora.org>Sat Sep 03 13:31:44 2016 +0530
committerqcabuildsw <qcabuildsw@localhost>Sat Sep 10 19:05:54 2016 -0700
treec00fc82bf2a5bccbcdee67bd7a6bf904e1f7b569
parente7ecb7cbb8f2fe5945d010c7d6473bfbf65a1f67 [diff]
qcacld-3.0: Prevent buffer overflow in QCSAP_IOCTL_VERSION

qcacld-2.0 to qcacld-3.0 propagation

The QCSAP_IOCTL_VERSION IOCTL is registered with a maximum GET
buffer length of QCSAP_MAX_SC_IE = 256 bytes. But while filling
buffer, Host allows to fill till WE_MAX_STR_LEN which may lead to
buffer overflow.
As a part of this fix, Host ensure to register with maximum
WE_MAX_STR_LEN buffer length.

Change-Id: I5ba0268e978c7ddadabc96a4eba18140ff7db3c6
CRs-Fixed: 1001142
(cherry picked from commit 85f4f75e8396e27467716555d68b3a18dd57b6fe)
1 file changed
tree: c00fc82bf2a5bccbcdee67bd7a6bf904e1f7b569
  1. config/
  2. core/
  3. target/
  4. uapi/
  5. Android.mk
  6. Kbuild
  7. Kconfig
  8. Makefile
  9. README.txt