samsung-sm8650/android_kernel_samsung_sm8650-modules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d36ba2d9cfff35fb147bbab0407db6b24e5aee9f
android_kernel_samsung_sm86…/os_if/linux
History
Rajeev Kumar Sirasanagandla d36ba2d9cf qcacmn: Fix possible overread in wifi_pos_parse_req 
In wifi_pos_parse_req(), payload sections of nl attributes ATTR_DATA and
ATTR_META_DATA are type casted to driver internal structures tAniMsgHdr
and wifi_pos_field_info respectively without validating payload lengths
which can lead to buffer overread if the payload lengths are less than
size of internal structures.

To fix this, avoid type-cast and return error if payload lengths of nl
attributes ATTR_DATA and ATTR_META_DATA are less than size of tAniMsgHdr
and wifi_pos_field_info respectively.

Change-Id: Ie9e3197f2cd3852b394e834991aa8d3a5b530d85
CRs-Fixed: 2471275
2019-07-17 08:31:58 -07:00
..
cp_stats
qcacmn: Rename OSIF logging macros
2019-06-17 13:00:54 -07:00
crypto
qcacmn: Rename OSIF logging macros
2019-06-17 13:00:54 -07:00
ftm
qcacmn: Update the LF copyright years as 2018-2019
2019-06-12 23:16:57 -07:00
mlme
qcacmn: Rename OSIF logging macros
2019-06-17 13:00:54 -07:00
scan
qcacmn: Allow simultaneous scans for Hostapd scan
2019-06-25 13:06:58 -07:00
spectral
qcacmn: Make RX path changes for Agile Spectral
2019-06-21 03:09:19 -07:00
wifi_pos
qcacmn: Fix possible overread in wifi_pos_parse_req
2019-07-17 08:31:58 -07:00
qca_vendor.h
qcacmn: Add QCA vendor command to support OEM data
2019-07-09 18:51:24 -07:00
wlan_cfg80211.c
qcacmn: Define os private structure in pdev object
2017-02-23 03:06:53 -08:00
wlan_cfg80211.h
qcacmn: Rename OSIF logging macros
2019-06-17 13:00:54 -07:00
wlan_osif_priv.h
qcacmn: TDLS component: os_if layer
2017-04-20 00:04:43 -07:00
wlan_osif_request_manager.c
qcacmn: Rename OSIF logging macros
2019-06-17 13:00:54 -07:00
wlan_osif_request_manager.h
qcacmn: os_if: Remove legacy markings
2018-05-18 02:17:33 -07:00