mirror of
https://github.com/torvalds/linux.git
synced 2024-12-24 20:01:55 +00:00
brcmfmac: assure SSID length from firmware is limited
The SSID length as received from firmware should not exceed IEEE80211_MAX_SSID_LEN as that would result in heap overflow. Reviewed-by: Hante Meuleman <hante.meuleman@broadcom.com> Reviewed-by: Pieter-Paul Giesberts <pieter-paul.giesberts@broadcom.com> Reviewed-by: Franky Lin <franky.lin@broadcom.com> Signed-off-by: Arend van Spriel <arend.vanspriel@broadcom.com> Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
This commit is contained in:
parent
9c66a7e5d3
commit
1b5e242316
@ -3507,6 +3507,8 @@ brcmf_wowl_nd_results(struct brcmf_if *ifp, const struct brcmf_event_msg *e,
|
||||
}
|
||||
|
||||
netinfo = brcmf_get_netinfo_array(pfn_result);
|
||||
if (netinfo->SSID_len > IEEE80211_MAX_SSID_LEN)
|
||||
netinfo->SSID_len = IEEE80211_MAX_SSID_LEN;
|
||||
memcpy(cfg->wowl.nd->ssid.ssid, netinfo->SSID, netinfo->SSID_len);
|
||||
cfg->wowl.nd->ssid.ssid_len = netinfo->SSID_len;
|
||||
cfg->wowl.nd->n_channels = 1;
|
||||
|
Loading…
Reference in New Issue
Block a user