Lee Gibson wrote:
> Function qtnf_event_handle_external_auth calls memcpy without
> checking the length.
> A user could control that length and trigger a buffer overflow.
> Fix by checking the length is within the maximum allowed size.
>
> Signed-off-by: Lee Gibson
Please use clamp_val() inste
Function qtnf_event_handle_external_auth calls memcpy without
checking the length.
A user could control that length and trigger a buffer overflow.
Fix by checking the length is within the maximum allowed size.
Signed-off-by: Lee Gibson
---
drivers/net/wireless/quantenna/qtnfmac/event.c | 6 -
