mirror of
https://github.com/FEX-Emu/linux.git
synced 2024-12-25 02:48:21 +00:00
bd02cd2549
Evan Huus found (by fuzzing in wireshark) that the radiotap iterator code can access beyond the length of the buffer if the first bitmap claims an extension but then there's no data at all. Fix this. Cc: stable@vger.kernel.org Reported-by: Evan Huus <eapache@gmail.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com> |
||
---|---|---|
.. | ||
.gitignore | ||
ap.c | ||
chan.c | ||
core.c | ||
core.h | ||
db.txt | ||
debugfs.c | ||
debugfs.h | ||
ethtool.c | ||
ethtool.h | ||
genregdb.awk | ||
ibss.c | ||
Kconfig | ||
lib80211_crypt_ccmp.c | ||
lib80211_crypt_tkip.c | ||
lib80211_crypt_wep.c | ||
lib80211.c | ||
Makefile | ||
mesh.c | ||
mlme.c | ||
nl80211.c | ||
nl80211.h | ||
radiotap.c | ||
rdev-ops.h | ||
reg.c | ||
reg.h | ||
regdb.h | ||
scan.c | ||
sme.c | ||
sysfs.c | ||
sysfs.h | ||
trace.c | ||
trace.h | ||
util.c | ||
wext-compat.c | ||
wext-compat.h | ||
wext-core.c | ||
wext-priv.c | ||
wext-proc.c | ||
wext-sme.c | ||
wext-spy.c |