Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
qcacld-2.0: Fix possible integer underflow in cfg80211_rx_mgmt
propagation from qcacld-3.0 to qcacld-2.0 In the function cfg80211_rx_mgmt, data_len is calculated as len - ieee80211_hdrlen(mgmt->frame_control). Len is not validated before this calculation. So a possible integer underflow will occur if len value is less than the value of ieee80211_hdrlen(mgmt->frame_control). Validate the value of len against ieee80211_hdrlen(mgmt->frame_control) in the caller. Bug: 129850941 Change-Id: Iae776daf37b0c052bd4ce4da44ea728d121eae51 CRs-Fixed: 2337425 Signed-off-by: hsuvictor <hsuvictor@google.com>
- Loading branch information