This repository has been archived by the owner on Aug 30, 2022. It is now read-only.
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
qcacld-3.0: Add max index check for dscp_to_up_map array
In SME layer, boundary check for dscp_to_up_map array is not present. The dscpmapping is an array of 0x40 elements. Values in dscp_exceptions are used to index dscpmapping. The indices are not validated to be less than 0x40. The dscp_exceptions array is received from association response frame. A malicious AP can send values up to 0xff, causing OOB write of dscpmapping array. Hence, max index check is added to avoid OOB write of dscpmapping array. Bug: 153345312 Test: Regression test Change-Id: I73526849677e867673fc0bd0024ed2b003e4f89e CRs-Fixed: 2569764
- Loading branch information
Abhishek Ambure
authored and
Hsiu-Chang Chen
committed
Apr 8, 2020
1 parent
d9b6c82
commit d85e8a2
Showing
5 changed files
with
9 additions
and
20 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters