mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv() (b70261a2) · Commits · Mirrors / git.yoctoproject.org / linux-yocto · GitLab

Commit b70261a2 authored Jan 02, 2020 by

Qing Xu Committed by Kalle Valo Jan 27, 2020

mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv()



mwifiex_cmd_append_vsie_tlv() calls memcpy() without checking
the destination size may trigger a buffer overflower,
which a local user could use to cause denial of service
or the execution of arbitrary code.
Fix it by putting the length check before calling memcpy().

Signed-off-by: Qing Xu <m1s5p6688@gmail.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>

parent 3a9b153c

Hide whitespace changes

Inline Side-by-side

mirror @mirror
mentioned in commit 8c3c00ca
· May 07, 2020

mentioned in commit 8c3c00ca

mentioned in commit 8c3c00ca170f74ac33e9db2094a1715a527a580f

Toggle commit list

Please register or to comment