android_kernel_samsung_sm8650-modules

samsung-sm8650/android_kernel_samsung_sm8650-modules

Harprit Chhabada 66dfa5cfed qcacld-3.0: Add bound check for fixed_param->total_num_tx_power_levels

Add bound check for new fixed_param->total_num_tx_power_levels
with its old value of rs_results->total_num_tx_power_levels in
wma_unified_radio_tx_power_level_stats_event_handler.

rs_results->tx_time_per_power_level is allocated only once
if it has not been already allocated.This allocation is saved
into the global wma_handle structure.

If multiple invocations of this handler occur then a buffer
overflow  can occur in the following scenario:
1. First message is used to allocate rs_results->tx_time_per_power_level
with a small, but valid size.
2. Second message skips allocation of rs_results->tx_time_per_power_level
since it was done with the first message. This message specifies a larger
valid value and causes the qdf_mem_copy() to overflow.

Change-Id: Ib9c7d3bd667e2ffc1408cd7356be35985331e028
CRs-Fixed: 2327688

2018-10-10 16:32:47 -07:00

components

qcacld-3.0: Add transition timeout detection to DSC

2018-10-09 12:37:26 -07:00

configs

qcacld-3.0: Config changes to enable vdev state machine

2018-10-09 06:12:18 -07:00

core

qcacld-3.0: Add bound check for fixed_param->total_num_tx_power_levels

2018-10-10 16:32:47 -07:00

uapi/linux

qcacld-3.0: Fix tab stop checkpatch warnings

2018-09-13 13:20:38 -07:00

Android.mk

qcacld-3.0: move wlan_mac.bin to /mnt/vendor/persist

2018-10-04 20:12:46 -07:00

Kbuild

qcacld-3.0: Enable AC based flow control by default

2018-10-09 06:12:13 -07:00

Kconfig

qcacld-3.0: Add SARV1 to SARV2 feature flag

2018-07-31 12:58:49 -07:00

Makefile

qcacld-3.0: Pass WLAN_ROOT value for make clean

2018-06-09 00:09:16 -07:00

README.txt

Initial readme for WLAN Host Driver for iHelium

2015-04-06 11:45:23 -07:00

README.txt

This is CNSS WLAN Host Driver for products starting from iHelium