AuxXxilium/linux_dsm_epyc7002
1
0
Fork 0
mirror of https://github.com/AuxXxilium/linux_dsm_epyc7002.git synced 2025-02-13 07:27:11 +07:00
Code Issues Actions Packages Projects Releases Wiki Activity
601513aa20
linux_dsm_epyc7002/net/nfc
History
Dan Carpenter e9a4aa3ba3 NFC: llcp: integer underflow in nfc_llcp_set_remote_gb() 
If gb_len is less than 3 it would cause an integer underflow and
possibly memory corruption in nfc_llcp_parse_gb_tlv().

I removed the old test for gb_len == 0.  I also removed the test for
->remote_gb == NULL.  It's not possible for ->remote_gb to be NULL and
we have already dereferenced ->remote_gb_len so it's too late to test.

The old test return -ENODEV but my test returns -EINVAL.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2013-02-08 14:51:31 -05:00
..
hci
llcp
nci
af_nfc.c
core.c
Kconfig
Makefile
netlink.c
nfc.h
rawsock.c