[WCNCR00169673] misc: add security patch [CVE-2016-3810]
[Description]
1. Return real status.
2. Add boundary protection to prevent buffer overflow.
Change-Id: I7cd70107ea6ac834c93767cbf282ccc7339c5ea1
Signed-off-by: Alice Ou <alice.ou@mediatek.com>
CR-Id: WCNCR00169673
Feature: misc
Reviewed-on: http://gerrit.mediatek.inc:8080/1253455
CheckPatch: Check Patch <srv_checkpatch@mediatek.com>
Reviewed-by: George Kuo <george.kuo@mediatek.com>
Reviewed-by: Sarick Jiang <sarick.jiang@mediatek.com>
Reviewed-by: Soul Huang <soul.huang@mediatek.com>
Build: srv_neptune_adm <srv_neptune_adm@mediatek.com>
diff --git a/os/linux/gl_wext.c b/os/linux/gl_wext.c
index d1f6bf2..4f0837b 100644
--- a/os/linux/gl_wext.c
+++ b/os/linux/gl_wext.c
@@ -2064,7 +2064,7 @@
kalMemFree(prSsid, VIR_MEM_TYPE, sizeof(PARAM_SSID_T));
- return 0;
+ return rStatus;
} /* wext_get_essid */
#if 0
@@ -3496,7 +3496,7 @@
ret = wext_get_essid(prDev, NULL, &iwr->u.essid, prExtraBuf);
if (ret == 0) {
- if (copy_to_user(iwr->u.essid.pointer, prExtraBuf, iwr->u.essid.length))
+ if (copy_to_user(iwr->u.essid.pointer, prExtraBuf, IW_ESSID_MAX_SIZE))
ret = -EFAULT;
}