Re: [PATCH 1/1] mwifiex: Fix possible buffer overflows in mwifiex_config_scan

(Note: this is version 1; there's a later version posted, which does not have a v2 tag...) https://lore.kernel.org/linux-wireless/20201208150951.35866-1-ruc_zhangxiao...@163.com/ On Sat, Jan 9, 2021 at 7:11 AM Peter Seiderer wrote: > On Tue, 8 Dec 2020 20:45:23 +0800, Xiaohui Zhang > wrote:

Re: [PATCH 1/1] mwifiex: Fix possible buffer overflows in mwifiex_config_scan

Hello Zhang, On Tue, 8 Dec 2020 20:45:23 +0800, Xiaohui Zhang wrote: > From: Zhang Xiaohui > > mwifiex_config_scan() calls memcpy() without checking > the destination size may trigger a buffer overflower, > which a local user could use to cause denial of service > or the execution of

Re: [PATCH 1/1] mwifiex: Fix possible buffer overflows in mwifiex_config_scan

Brian Norris writes: > On Tue, Dec 8, 2020 at 7:14 AM Xiaohui Zhang wrote: >> >> From: Zhang Xiaohui >> >> mwifiex_config_scan() calls memcpy() without checking >> the destination size may trigger a buffer overflower, >> which a local user could use to cause denial of service >> or the

Re: [PATCH 1/1] mwifiex: Fix possible buffer overflows in mwifiex_config_scan

Hi Xiaohui, On Wed, Dec 9, 2020 at 12:07 AM Xiaohui Zhang wrote: > > From: Zhang Xiaohui > > mwifiex_config_scan() calls memcpy() without checking > the destination size may trigger a buffer overflower, > which a local user could use to cause denial of service > or the execution of arbitrary

Re: [PATCH 1/1] mwifiex: Fix possible buffer overflows in mwifiex_config_scan

On Tue, Dec 8, 2020 at 7:14 AM Xiaohui Zhang wrote: > > From: Zhang Xiaohui > > mwifiex_config_scan() calls memcpy() without checking > the destination size may trigger a buffer overflower, > which a local user could use to cause denial of service > or the execution of arbitrary code. > Fix it

[PATCH 1/1] mwifiex: Fix possible buffer overflows in mwifiex_config_scan

From: Zhang Xiaohui mwifiex_config_scan() calls memcpy() without checking the destination size may trigger a buffer overflower, which a local user could use to cause denial of service or the execution of arbitrary code. Fix it by putting the length check before calling memcpy(). Signed-off-by:

Re: [PATCH 1/1] mwifiex: Fix possible buffer overflows in mwifiex_config_scan

Xiaohui Zhang writes: > From: Zhang Xiaohui > > mwifiex_config_scan() calls memcpy() without checking > the destination size may trigger a buffer overflower, > which a local user could use to cause denial of service > or the execution of arbitrary code. > Fix it by putting the length check

[PATCH 1/1] mwifiex: Fix possible buffer overflows in mwifiex_config_scan

From: Zhang Xiaohui mwifiex_config_scan() calls memcpy() without checking the destination size may trigger a buffer overflower, which a local user could use to cause denial of service or the execution of arbitrary code. Fix it by putting the length check before calling memcpy(). Signed-off-by: