]> git.ipfire.org Git - thirdparty/kernel/stable.git/commit
projects / thirdparty / kernel / stable.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: eea8956) | patch
staging: wilc1000: fix illegal memory access in wilc_parse_join_bss_param()
authorAjay Singh <ajay.kathat@microchip.com>
Thu, 7 Nov 2019 15:58:54 +0000 (15:58 +0000)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 4 Dec 2019 21:30:46 +0000 (22:30 +0100)
commitbb2135c6a5e3eee1d3884af2cfc3d3e5126c4eef
tree67b5e3515b33052ba16679e1c39eedaa30792e15tree | snapshot
parenteea8956c968485b5e6c6ea6a842a0f98ef8f1b20commit | diff
staging: wilc1000: fix illegal memory access in wilc_parse_join_bss_param()

commit c7e621bb981b76d3bfd8a595070ee8282ac4a32b upstream.

Do not copy the extended supported rates in 'param->supp_rates' if the
array is already full with basic rates values. The array size check
helped to avoid possible illegal memory access [1] while copying to
'param->supp_rates' array.

1. https://marc.info/?l=linux-next&m=157301720517456&w=2

Reported-by: coverity-bot <keescook+coverity-bot@chromium.org>
Addresses-Coverity-ID: 1487400 ("Memory - illegal accesses")
Fixes: 4e0b0f42c9c7 ("staging: wilc1000: use struct to pack join parameters for FW")
Cc: stable@vger.kernel.org
Signed-off-by: Ajay Singh <ajay.kathat@microchip.com>
Link: https://lore.kernel.org/r/20191106062127.3165-1-ajay.kathat@microchip.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
drivers/staging/wilc1000/wilc_hif.c diff | blob | blame | history
Mirror https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git