Luciano Coelho 57a27e1d6a nl80211: fix overflow in ssid_len ... When one of the SSID's length passed in a scan or sched_scan request is larger than 255, there will be an overflow in the u8 that is used to store the length before checking. This causes the check to fail and we overrun the buffer when copying the SSID. Fix this by checking the nl80211 attribute length before copying it to the struct. This is a follow up for the previous commit 208c72f4fe, which didn't fix the problem entirely. Reported-by: Ido Yariv <ido@wizery.com> Signed-off-by: Luciano Coelho <coelho@ti.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>		2011-06-07 14:19:07 -04:00
..
.gitignore
chan.c
core.c	cfg80211: advertise possible interface combinations	2011-05-16 14:10:40 -04:00
core.h	cfg80211: Use consistent BSS matching between scan and sme	2011-05-19 10:37:18 -04:00
db.txt
debugfs.c
debugfs.h
ethtool.c
ethtool.h
genregdb.awk
ibss.c
Kconfig
lib80211_crypt_ccmp.c
lib80211_crypt_tkip.c
lib80211_crypt_wep.c	wireless: Fix warnings due to -Wunused-but-set-variable	2011-05-10 15:53:47 -04:00
lib80211.c
Makefile
mesh.c	nl80211: New notification to discover mesh peer candidates.	2011-04-12 16:57:39 -04:00
mlme.c	mac80211: Let userspace send action frames over mesh interfaces	2011-05-11 14:37:47 -04:00
nl80211.c	nl80211: fix overflow in ssid_len	2011-06-07 14:19:07 -04:00
nl80211.h	cfg80211/nl80211: add support for scheduled scans	2011-05-11 15:12:26 -04:00
radiotap.c
reg.c	Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next-2.6 into for-davem	2011-05-16 19:32:19 -04:00
reg.h
regdb.h
scan.c	cfg80211: don't drop p2p probe responses	2011-06-01 14:34:01 -04:00
sme.c	cfg80211: Use consistent BSS matching between scan and sme	2011-05-19 10:37:18 -04:00
sysfs.c	nl80211/cfg80211: WoWLAN support	2011-05-05 14:59:19 -04:00
sysfs.h
util.c	cfg80211: Use consistent BSS matching between scan and sme	2011-05-19 10:37:18 -04:00
wext-compat.c
wext-compat.h
wext-core.c
wext-priv.c
wext-proc.c
wext-sme.c
wext-spy.c