Commit b969a6a0 authored by Zhang Shurong's avatar Zhang Shurong Committed by sanglipeng
Browse files

staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext() 

stable inclusion
from stable-v5.10.190
commit caac4b6c15b66feae4d83f602e1e46f124540202
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I928UI

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=caac4b6c15b66feae4d83f602e1e46f124540202



--------------------------------

commit 5f1c7031 upstream.

The "exc->key_len" is a u16 that comes from the user.  If it's over
IW_ENCODING_TOKEN_MAX (64) that could lead to memory corruption.

Fixes: b121d848 ("staging: ks7010: simplify calls to memcpy()")
Cc: stable <stable@kernel.org>
Signed-off-by: default avatarZhang Shurong <zhang_shurong@foxmail.com>
Reviewed-by: default avatarDan Carpenter <dan.carpenter@linaro.org>
Link: https://lore.kernel.org/r/tencent_5153B668C0283CAA15AA518325346E026A09@qq.com


Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: default avatarsanglipeng <sanglipeng1@jd.com>
parent d529f2ac
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment