commit | f56c81fab258a68d1af87f243225d4acb44ea9c2 | [log] [tgz] |
---|---|---|
author | Abhinav Kumar <abhikuma@codeaurora.org> | Wed Jun 06 16:07:01 2018 +0530 |
committer | nshrivas <nshrivas@codeaurora.org> | Tue Jun 19 00:27:46 2018 -0700 |
tree | 5f2c1a881fbe693dad5fe02b159d07210c6637c8 | |
parent | 052ce25534123e0b275f0df123bdc8aa7c783641 [diff] |
qcacld-3.0: Fix possible OOB read in wlan_hdd_cfg80211_set_ie In case of WLAN_EID_WAPI, Host assuming that the incoming ie buffer is at least of length (4 + 2 + akmsuiteCount * sizeof(uint32_t)) long and is not checked anywhere before accessing. Results possible OOB read issue could occur. Fix is to add a check for incoming buffer IEs. Change-Id: Ia60cf8c56478b47e5f2f654f0cf77fe6bd5706e4 CRs-Fixed: 2252250