samsung-sm8650/android_kernel_samsung_sm8650-modules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

qcacld-3.0: Fix potential crash when setting monitor channel

Browse Source 
qcacld-2.0 to qcacld-3.0 propagation

The tCsrRoamProfile memory is not initialized to 0 properly. For the
supported_rates field, it contains a rates array with max size 12
and an integer field numRates which is the actual length of the rates
array. If numRates is not initialized properly and value is unexpected.
it may cause memory access violation error.

CRs-Fixed: 1084846
Change-Id: Ic5b1a13356e835a1186c53768a1d8ab416c9365c
This commit is contained in:
Hong Shi
2016-11-14 14:08:03 +08:00
committed by qcabuildsw
parent 0c2b5e57a0
commit e531d1f562
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
core/hdd/src/wlan_hdd_wext.c
View File

@@ -10158,6 +10158,7 @@ static int wlan_hdd_set_mon_chan(hdd_adapter_t *adapter, uint32_t chan,
}
hdd_info("Set monitor mode Channel %d", chan);
qdf_mem_zero(&roam_profile, sizeof(roam_profile));
roam_profile.ChannelInfo.ChannelList = &ch_info->channel;
roam_profile.ChannelInfo.numOfChannels = 1;
roam_profile.phyMode = ch_info->phy_mode;