Function qtnf_event_handle_external_auth calls memcpy without
checking the length.
A user could control that length and trigger a buffer overflow.
Fix by checking the length is within the maximum allowed size.
Signed-off-by: Lee Gibson
---
v2: use clamp_val() instead of min_t()
drivers/net
GCC 10 analyzer reports a warning: dereference of NULL
The function r8712_find_network can return NULL and is usually checked but
no check is present is this case.
Fix by adding the check.
Signed-off-by: Lee Gibson
---
drivers/staging/rtl8712/rtl871x_mlme.c | 3 ++-
1 file changed, 2 insertions
Function wl1251_cmd_scan calls memcpy without checking the length.
A user could control that length and trigger a buffer overflow.
Fix by checking the length is within the maximum allowed size.
Signed-off-by: Lee Gibson
---
drivers/net/wireless/ti/wl1251/cmd.c | 7 +--
1 file changed, 5
Function qtnf_event_handle_external_auth calls memcpy without
checking the length.
A user could control that length and trigger a buffer overflow.
Fix by checking the length is within the maximum allowed size.
Signed-off-by: Lee Gibson
---
drivers/net/wireless/quantenna/qtnfmac/event.c | 6
Function r8712_sitesurvey_cmd calls memcpy without checking the length.
A user could control that length and trigger a buffer overflow.
Fix by checking the length is within the maximum allowed size.
Signed-off-by: Lee Gibson
---
drivers/staging/rtl8712/rtl871x_cmd.c | 6 --
1 file changed
Function _rtl92e_wx_set_scan calls memcpy without checking the length.
A user could control that length and trigger a buffer overflow.
Fix by checking the length is within the maximum allowed size.
Reviewed-by: Dan Carpenter
Signed-off-by: Lee Gibson
---
drivers/staging/rtl8192e/rtl8192e
Function _rtl92e_wx_set_scan calls memcpy without checking the length.
A user could control that length and trigger a buffer overflow.
Fix by checking the length is within the maximum allowed size.
Changes in v2:
Changed to use min_t as per useful suggestions
Signed-off-by: Lee Gibson
Function _rtl92e_wx_set_scan calls memcpy without checking the length.
A user could control that length and trigger a buffer overflow.
Fix by checking the length is within the maximum allowed size.
Signed-off-by: Lee Gibson
---
drivers/staging/rtl8192e/rtl8192e/rtl_wx.c | 3 +++
1 file changed
Fixes this checkpatch warning
WARNING: Integer promotion: Using 'h' in '%04hx' is unnecessary
Signed-off-by: Lee Gibson
---
drivers/staging/fwserial/fwserial.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/staging/fwserial/fwserial.c
b/driv
Fixes this checkpatch warning
WARNING: Comparisons should place the constant on the right side of the test
Signed-off-by: Lee Gibson
---
drivers/staging/rtl8192u/r8192U_wx.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/staging/rtl8192u/r8192U_wx.c
b/drivers
This patch fixes the checkpatch warnings such as:
hi6421-spmi-pmic.c:51: WARNING: please, no space before tabs
Signed-off-by: Lee Gibson
---
drivers/staging/hikey9xx/hi6421-spmi-pmic.c | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/drivers/staging/hikey9xx/hi6421
11 matches
Mail list logo