qcacld 2.0: Prevent buffer overflow in QCSAP_IOCTL_VERSION
The QCSAP_IOCTL_VERSION IOCTL is registered with a maximum GET buffer length of QCSAP_MAX_SC_IE = 256 bytes. But while filling buffer, Host allows to fill till WE_MAX_STR_LEN which may lead to buffer overflow. As a part of this fix, Host ensure to register with maximum WE_MAX_STR_LEN buffer length. Change-Id: I5ba0268e978c7ddadabc96a4eba18140ff7db3c6 CRs-Fixed: 1001142
This commit is contained in:
parent
4bd5bf3fd5
commit
ac01a8aebe
|
@ -6322,7 +6322,7 @@ static const struct iw_priv_args hostapd_private_args[] = {
|
|||
{ QCSAP_IOCTL_STOPBSS,
|
||||
IW_PRIV_TYPE_BYTE | IW_PRIV_SIZE_FIXED, 0, "stopbss" },
|
||||
{ QCSAP_IOCTL_VERSION, 0,
|
||||
IW_PRIV_TYPE_CHAR | QCSAP_MAX_WSC_IE, "version" },
|
||||
IW_PRIV_TYPE_CHAR | WE_MAX_STR_LEN, "version" },
|
||||
{ QCSAP_IOCTL_GET_STA_INFO, 0,
|
||||
IW_PRIV_TYPE_CHAR | WE_SAP_MAX_STA_INFO, "get_sta_info" },
|
||||
{ QCSAP_IOCTL_GET_WPS_PBC_PROBE_REQ_IES,
|
||||
|
|
Loading…
Reference in New Issue