]> git.proxmox.com Git - mirror_ubuntu-kernels.git/commit
qtnfmac: Fix possible buffer overflow in qtnf_event_handle_external_auth
authorLee Gibson <leegib@gmail.com>
Mon, 19 Apr 2021 14:58:42 +0000 (15:58 +0100)
committerKalle Valo <kvalo@codeaurora.org>
Thu, 22 Apr 2021 14:40:12 +0000 (17:40 +0300)
commit130f634da1af649205f4a3dd86cbe5c126b57914
treea90e9135a7a4a04b8c969af89349777c93c46f6e
parenta9a4c080deb33f44e08afe35f4ca4bb9ece89f4e
qtnfmac: Fix possible buffer overflow in qtnf_event_handle_external_auth

Function qtnf_event_handle_external_auth calls memcpy without
checking the length.
A user could control that length and trigger a buffer overflow.
Fix by checking the length is within the maximum allowed size.

Signed-off-by: Lee Gibson <leegib@gmail.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210419145842.345787-1-leegib@gmail.com
drivers/net/wireless/quantenna/qtnfmac/event.c