projects / platform / kernel / linux-starfive.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 42f5fe3) | patch
ath6kl: prevent potential array overflow in ath6kl_add_new_sta()
authorDan Carpenter <dan.carpenter@oracle.com>
Thu, 13 Aug 2020 14:13:15 +0000 (17:13 +0300)
committerKalle Valo <kvalo@codeaurora.org>
Mon, 17 Aug 2020 10:22:08 +0000 (13:22 +0300)
commit54f9ab7b870934b70e5a21786d951fbcf663970f
treea0191fb94cf24f653beee5b0a5010826edef5202tree | snapshot
parent42f5fe34a701769763c299c49a89595e60871dcfcommit | diff
ath6kl: prevent potential array overflow in ath6kl_add_new_sta()

The value for "aid" comes from skb->data so Smatch marks it as
untrusted.  If it's invalid then it can result in an out of bounds array
access in ath6kl_add_new_sta().

Fixes: 572e27c00c9d ("ath6kl: Fix AP mode connect event parsing and TIM updates")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20200813141315.GB457408@mwanda
drivers/net/wireless/ath/ath6kl/main.c diff | blob | history
Domain: System / Kernel;