commit | d6904802233cf8c5d0ac49f9935468594b742599 | [log] [tgz] |
---|---|---|
author | Abhinav Kumar <abhikuma@codeaurora.org> | Thu Dec 21 16:27:03 2017 +0530 |
committer | Anjaneedevi Kapparapu <akappara@codeaurora.org> | Thu Feb 01 15:22:52 2018 +0530 |
tree | 4363765e7216ff011270e464eaabc014795b5116 | |
parent | 851eedad085cc3f0a8639dd6279d4e087c18c6f5 [diff] |
qcacld-2.0: Fix buffer overwrite due to ssid_len in WMA handlers In multiple WMA event handler functions, ssid_len is used to copy ssid from FW buffer to local buffer and ssid_len value is received from the FW. If the ssid_len value exceeds SIR_MAC_MAX_SSID_LENGTH then a buffer overwrite would occur. Add sanity check for ssid_len against SIR_MAC_MAX_SSID_LENGTH in multiple WMA handler functions Change-Id: I9e4b1f88c275093b4912496cdb936cf54a8880a2 CRs-Fixed: 2162678