Re: [PATCH v2] staging: rtl8192e: Fix possible buffer overflow in _rtl92e_wx_set_scan

On Fri, Feb 26, 2021 at 01:27:25PM +, Lee Gibson wrote: > Function _rtl92e_wx_set_scan calls memcpy without checking the length. > A user could control that length and trigger a buffer overflow. > Fix by checking the length is within the maximum allowed size. > > Changes in v2: >

[PATCH v2] staging: rtl8192e: Fix possible buffer overflow in _rtl92e_wx_set_scan

Function _rtl92e_wx_set_scan calls memcpy without checking the length. A user could control that length and trigger a buffer overflow. Fix by checking the length is within the maximum allowed size. Changes in v2: Changed to use min_t as per useful suggestions Signed-off-by: Lee Gibson