android_kernel_xiaomi_sm8350

History

Bala Venkatesh 4e3f275a80 qcacld-3.0: Avoid OOB in function tdls_ct_idle_handler In function tdls_ct_idle_handler, idx is assigned from tdls_info->index which can be 0 254. But tdls_conn_info is static array in tdls_soc_priv_obj of size WLAN_TDLS_STA_MAX_NUM (8). So check idx is less than WLAN_TDLS_STA_MAX_NUM or not to avoid OOB memory access. Change-Id: I8387cb0a44a79f0f83b25c12de2aa9fbc39ab2f3 CRs-Fixed: 2474432	2019-06-20 18:36:10 -07:00
..
core/src	qcacld-3.0: Avoid OOB in function tdls_ct_idle_handler	2019-06-20 18:36:10 -07:00
dispatcher	qcacld-3.0: Pass psoc instead of vdev for teardown links	2019-06-03 02:26:54 -07:00

Bala Venkatesh 4e3f275a80 qcacld-3.0: Avoid OOB in function tdls_ct_idle_handler

In function tdls_ct_idle_handler, idx is assigned from
tdls_info->index which can be 0 254. But tdls_conn_info
is static array in tdls_soc_priv_obj of size
WLAN_TDLS_STA_MAX_NUM (8). So check idx is less than
WLAN_TDLS_STA_MAX_NUM or not to avoid OOB memory access.

Change-Id: I8387cb0a44a79f0f83b25c12de2aa9fbc39ab2f3
CRs-Fixed: 2474432

2019-06-20 18:36:10 -07:00

core/src

qcacld-3.0: Avoid OOB in function tdls_ct_idle_handler

2019-06-20 18:36:10 -07:00

dispatcher

qcacld-3.0: Pass psoc instead of vdev for teardown links

2019-06-03 02:26:54 -07:00