[PATCH v2] qtnfmac: Fix possible buffer overflow in qtnf_event_handle_external_auth

Function qtnf_event_handle_external_auth calls memcpy without checking the length. A user could control that length and trigger a buffer overflow. Fix by checking the length is within the maximum allowed size. Signed-off-by: Lee Gibson --- v2: use clamp_val() instead of min_t() drivers/net

[PATCH] staging: rtl8712: Fix a possible NULL pointer dereference in function r8712_joinbss_event_callback

GCC 10 analyzer reports a warning: dereference of NULL The function r8712_find_network can return NULL and is usually checked but no check is present is this case. Fix by adding the check. Signed-off-by: Lee Gibson --- drivers/staging/rtl8712/rtl871x_mlme.c | 3 ++- 1 file changed, 2 insertions

[PATCH] wl1251: Fix possible buffer overflow in wl1251_cmd_scan

Function wl1251_cmd_scan calls memcpy without checking the length. A user could control that length and trigger a buffer overflow. Fix by checking the length is within the maximum allowed size. Signed-off-by: Lee Gibson --- drivers/net/wireless/ti/wl1251/cmd.c | 7 +-- 1 file changed, 5

[PATCH] qtnfmac: Fix possible buffer overflow in qtnf_event_handle_external_auth

Function qtnf_event_handle_external_auth calls memcpy without checking the length. A user could control that length and trigger a buffer overflow. Fix by checking the length is within the maximum allowed size. Signed-off-by: Lee Gibson --- drivers/net/wireless/quantenna/qtnfmac/event.c | 6

[PATCH] staging: rtl8712: Fix possible buffer overflow in r8712_sitesurvey_cmd

Function r8712_sitesurvey_cmd calls memcpy without checking the length. A user could control that length and trigger a buffer overflow. Fix by checking the length is within the maximum allowed size. Signed-off-by: Lee Gibson --- drivers/staging/rtl8712/rtl871x_cmd.c | 6 -- 1 file changed

[PATCH v3] staging: rtl8192e: Fix possible buffer overflow in _rtl92e_wx_set_scan

Function _rtl92e_wx_set_scan calls memcpy without checking the length. A user could control that length and trigger a buffer overflow. Fix by checking the length is within the maximum allowed size. Reviewed-by: Dan Carpenter Signed-off-by: Lee Gibson --- drivers/staging/rtl8192e/rtl8192e

[PATCH v2] staging: rtl8192e: Fix possible buffer overflow in _rtl92e_wx_set_scan

Function _rtl92e_wx_set_scan calls memcpy without checking the length. A user could control that length and trigger a buffer overflow. Fix by checking the length is within the maximum allowed size. Changes in v2: Changed to use min_t as per useful suggestions Signed-off-by: Lee Gibson

[PATCH] staging: rtl8192e: Fix possible buffer overflow in _rtl92e_wx_set_scan

Function _rtl92e_wx_set_scan calls memcpy without checking the length. A user could control that length and trigger a buffer overflow. Fix by checking the length is within the maximum allowed size. Signed-off-by: Lee Gibson --- drivers/staging/rtl8192e/rtl8192e/rtl_wx.c | 3 +++ 1 file changed

[PATCH] staging: fwserial: minor coding style fix

Fixes this checkpatch warning WARNING: Integer promotion: Using 'h' in '%04hx' is unnecessary Signed-off-by: Lee Gibson --- drivers/staging/fwserial/fwserial.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/staging/fwserial/fwserial.c b/driv

[PATCH] staging: rtl8192u: minor coding style fix

Fixes this checkpatch warning WARNING: Comparisons should place the constant on the right side of the test Signed-off-by: Lee Gibson --- drivers/staging/rtl8192u/r8192U_wx.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/staging/rtl8192u/r8192U_wx.c b/drivers

[PATCH] staging: hikey9xx: Fix space tab style warnings

This patch fixes the checkpatch warnings such as: hi6421-spmi-pmic.c:51: WARNING: please, no space before tabs Signed-off-by: Lee Gibson --- drivers/staging/hikey9xx/hi6421-spmi-pmic.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/drivers/staging/hikey9xx/hi6421