Gitiles
Code Review Sign In
review.shift-gmbh.com / SHIFTPHONES / kernel / common / c5d3e25e1808b005f0ac9c8cf8aeff6ba006cb4f
commitc5d3e25e1808b005f0ac9c8cf8aeff6ba006cb4f[log] [tgz]
authorLee Gibson <leegib@gmail.com>Fri Feb 26 14:51:57 2021 +0000
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>Wed Mar 17 17:06:32 2021 +0100
tree66eff4d13e0273d870b304681e2438a83aab3ff0
parent74a14d8ae20d2ad25d47af59db299b638872570b [diff]
staging: rtl8192e: Fix possible buffer overflow in _rtl92e_wx_set_scan

commit 8687bf9ef9551bcf93897e33364d121667b1aadf upstream.

Function _rtl92e_wx_set_scan calls memcpy without checking the length.
A user could control that length and trigger a buffer overflow.
Fix by checking the length is within the maximum allowed size.

Reviewed-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Lee Gibson <leegib@gmail.com>
Cc: stable <stable@vger.kernel.org>
Link: https://lore.kernel.org/r/20210226145157.424065-1-leegib@gmail.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
1 file changed
tree: 66eff4d13e0273d870b304681e2438a83aab3ff0
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. LICENSES/
  14. mm/
  15. net/
  16. samples/
  17. scripts/
  18. security/
  19. sound/
  20. tools/
  21. usr/
  22. virt/
  23. .clang-format
  24. .cocciconfig
  25. .get_maintainer.ignore
  26. .gitattributes
  27. .gitignore
  28. .mailmap
  29. COPYING
  30. CREDITS
  31. Kbuild
  32. Kconfig
  33. MAINTAINERS
  34. Makefile
  35. README