qcacmn: Validate NDP app info length before accessing NDP app info
Currently, NDP app info length is not being validated with max NDP app info length. This may result in buffer oveflow wile accessing NDP app info received from the firmware. To address this, validate NDP app info length before accessing NDP app info Change-Id: Ifddf1afca7ecf2585e8eb450864d9ba127238f6e CRs-Fixed: 2795961
このコミットが含まれているのは:
Bapiraju Alla
@@ -926,6 +926,10 @@ static QDF_STATUS extract_ndp_confirm_tlv(wmi_unified_t wmi_handle,
|
||||
WMI_MAC_ADDR_TO_CHAR_ARRAY(&fixed_params->peer_ndi_mac_addr,
|
||||
rsp->peer_ndi_mac_addr.bytes);
|
||||
rsp->ndp_info.ndp_app_info_len = fixed_params->ndp_app_info_len;
|
||||
|
||||
if (rsp->ndp_info.ndp_app_info_len > NDP_APP_INFO_LEN)
|
||||
rsp->ndp_info.ndp_app_info_len = NDP_APP_INFO_LEN;
|
||||
|
||||
qdf_mem_copy(rsp->ndp_info.ndp_app_info, event->ndp_app_info,
|
||||
rsp->ndp_info.ndp_app_info_len);
|
||||
|
||||
|
||||
新しいイシューから参照
ユーザーをブロックする