Accueil Explorer Aide
Connexion
samsung-sm8650
/
android_kernel_samsung_sm8650-modules
2
0
Fork 0
Fichiers Tickets 0 Pull Requests 0 Wiki
Parcourir la source

qcacld-3.0: Reject NULL SSID for SSID white list

For vendor command QCA_NL80211_VENDOR_SUBCMD_ROAM with sub command
QCA_WLAN_VENDOR_ATTR_ROAM_SUBCMD_SSID_WHITE_LIST, NULL SSID with
NULL terminal can be accepted since it only requires non-zero
buffer len. Should only accept buffer len greater than 1.

Change-Id: I87144d4bf169e637756a4715c7a596c32f49dc36
CRs-Fixed: 2454035
Min Liu il y a 5 ans
Parent
75d4b7d4cd
commit
dd30889709
1 fichiers modifiés avec 6 ajouts et 2 suppressions
Vue séparée Afficher les stats Diff
  1. 6 2
      core/hdd/src/wlan_hdd_cfg80211.c

+ 6 - 2
core/hdd/src/wlan_hdd_cfg80211.c
Voir le fichier 

@@ -3701,7 +3701,11 @@ static int hdd_set_white_list(struct hdd_context *hdd_ctx,
 
 
 	if (count && tb[PARAM_SSID_LIST]) {
 
 		nla_for_each_nested(curr_attr,
 
-			tb[PARAM_SSID_LIST], rem) {
 
+				    tb[PARAM_SSID_LIST], rem) {
 
+			if (i == MAX_SSID_ALLOWED_LIST) {
 
+				hdd_err("Excess MAX_SSID_ALLOWED_LIST");
 
+				goto fail;
 
+			}
 
 			if (wlan_cfg80211_nla_parse(tb2,
 
 					   QCA_WLAN_VENDOR_ATTR_ROAM_SUBCMD_MAX,
 
 					   nla_data(curr_attr),
 
@@ -3723,7 +3727,7 @@ static int hdd_set_white_list(struct hdd_context *hdd_ctx,
 
 			 * the NULL termination character to the driver
 
 			 * buffer.
 
 			 */
 
-			if (buf_len && (i < MAX_SSID_ALLOWED_LIST) &&
 
+			if (buf_len > 1 &&
 
 			    ((buf_len - 1) <= WLAN_SSID_MAX_LEN)) {
 
 				nla_memcpy(roam_params->ssid_allowed_list[i].ssId,
 
 					tb2[PARAM_LIST_SSID], buf_len - 1);