android_kernel_xiaomi_sm8350/core/wma/src
gaurank kathpalia a4a012ca2e qcacld-3.0: Add length check in wma_process_rmf_frame
The driver verifies the replay_attack in protected
management frames in the API wma_is_ccmp_pn_replay_attack.
The API expects a CCMP header pointer, but it may happen that
the size of the total frame is less than the size of ieee frame
+ the CCMP header length. In that case the CCMP pointer will
point to some memory location not allocated to the frame, which
will result in out of bound access.

Fix is to add a length check to memory allocated to wbuf in
wma_process_rmf_frame

Change-Id: I351fa671cb8728843c8843c27dd91bcb201abb42
CRs-Fixed: 2230976
2018-05-17 06:03:33 -07:00
..
wlan_qct_wma_legacy.c qcacld-3.0: wma: Remove legacy markings 2018-04-24 14:48:27 -07:00
wma_data.c qcacld-3.0: Do proper cleanup when management frame send failed 2018-05-16 03:57:10 -07:00
wma_dev_if.c qcacld-3.0: Call vdev resp and hold req queue cleanup from MC thread 2018-05-15 20:56:20 -07:00
wma_features.c qcacld-3.0: Revive the WoW wakeup logs to appear in kmsg 2018-05-16 23:19:39 -07:00
wma_fips_api.c qcacld-3.0: Converge on wmi event registration / unregistration 2017-11-30 03:40:23 -08:00
wma_fips_api.h qcacld-3.0: Add WMA FIPS infrastructure 2017-06-29 19:05:56 -07:00
wma_fips_public_structs.h qcacld-3.0: Add WMA FIPS infrastructure 2017-06-29 19:05:56 -07:00
wma_he.c qcacld-3.0: Fix capability parsing in service ready event 2018-02-28 23:35:40 -08:00
wma_main.c qcacld-3.0: Call vdev resp and hold req queue cleanup from MC thread 2018-05-15 20:56:20 -07:00
wma_mgmt.c qcacld-3.0: Add length check in wma_process_rmf_frame 2018-05-17 06:03:33 -07:00
wma_nan_datapath.c qcacld-3.0: wma: Remove legacy markings 2018-04-24 14:48:27 -07:00
wma_nan_datapath.h qcacld-3.0: wma: Remove legacy markings 2018-04-24 14:48:27 -07:00
wma_ocb.c qcacld-3.0: wma: Remove legacy markings 2018-04-24 14:48:27 -07:00
wma_ocb.h qcacld-3.0: wma: Remove legacy markings 2018-04-24 14:48:27 -07:00
wma_power.c qcacld-3.0: wma: Remove legacy markings 2018-04-24 14:48:27 -07:00
wma_sar_public_structs.h qcacld-3.0: UMAC: Add support to retrieve SAR power limits 2018-01-23 12:30:13 -08:00
wma_scan_roam.c qcacld-3.0: Fix misspellings of 'success' 2018-05-16 18:01:12 -07:00
wma_utils_ut.c qcacld-3.0: wma: Remove legacy markings 2018-04-24 14:48:27 -07:00
wma_utils.c qcacld-3.0: Possible buffer overflow in wma_stats_ext_event_handler 2018-05-15 03:21:26 -07:00