android_kernel_xiaomi_sm8350/core/dp
jitiphil 5202b599f8 qcacld-3.0: Incorrect message offset validations in t2h message handling
Currently in htt_t2h_msg_handler_fast, msg_len, which is in number of
bytes, is directly compared with pdev->rx_mpdu_range_offset_words,
which is in number of words. Thus their comparison becomes invalid.
In htt_t2h_msg_handler, in addition to a similar issue as above, the
checks for message offset validations do not consider integer overflows
occurring.

In htt_t2h_msg_handler_fast, the check condition involving
pdev_rx_mpdu_range_offset_words was corrected to work with bytes,
and in htt_t2h_msg_handler checks for integer overflow were also
added.

Change-Id: I9ec7d30cc24d288ddcabd3bb30674a2ca21f2251
CRs-Fixed: 2248069
2018-06-08 10:11:36 -07:00
..
htt qcacld-3.0: Incorrect message offset validations in t2h message handling 2018-06-08 10:11:36 -07:00
ol/inc qcacld-3.0: Featurize packet log 2018-06-06 23:49:08 -07:00
txrx qcacld-3.0: Fix NULL pointer dereferencing of vdev during peer deletion 2018-06-08 00:36:59 -07:00