git.karo-electronics.de Git - linux-beck.git/commit

]> git.karo-electronics.de Git - linux-beck.git/commit

author	John W. Linville <linville@tuxdriver.com>
	Mon, 4 May 2009 15:18:57 +0000 (11:18 -0400)
committer	John W. Linville <linville@tuxdriver.com>
	Mon, 11 May 2009 19:07:01 +0000 (15:07 -0400)
commit	aedec9226809ae9d1972f8f8079fc70206ee7a88
tree	21e003e44b23d5b780e3da8431098e955851948a	tree \| snapshot
parent	e1cc1c578055d20d36e084e324001fb5e0355a71	commit \| diff

airo: airo_get_encode{,ext} potential buffer overflow

Feeding the return code of get_wep_key directly to the length parameter
of memcpy is a bad idea since it could be -1...

Reported-by: Eugene Teo <eugeneteo@kernel.sg>
Signed-off-by: John W. Linville <linville@tuxdriver.com>

drivers/net/wireless/airo.c

diff | blob | history

Beck SC1x5 Kernel

RSS Atom