subject:"\[PATCH\] rtlwifi\: Fix potential overflow on P2P code"

RE: [PATCH] rtlwifi: Fix potential overflow on P2P code

2019-10-16 Thread Pkshih

er.kernel.org; > net...@vger.kernel.org; > linux-kernel@vger.kernel.org; Nicolas Waisman > Subject: [PATCH] rtlwifi: Fix potential overflow on P2P code > > Nicolas Waisman noticed that even though noa_len is checked for > a compatible length it's still possible to overrun the

[PATCH] rtlwifi: Fix potential overflow on P2P code

2019-10-16 Thread Laura Abbott

Nicolas Waisman noticed that even though noa_len is checked for a compatible length it's still possible to overrun the buffers of p2pinfo since there's no check on the upper bound of noa_num. Bounds check noa_num against P2P_MAX_NOA_NUM. Reported-by: Nicolas Waisman Signed-off-by: Laura Abbott -