Kernel/linux
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-01-13 00:29:50 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
linux/drivers/staging
History
Dan Carpenter dd173abfea Staging: vt6655: fix buffer overflow 
"param->u.wpa_associate.wpa_ie_len" comes from the user.  We should
check it so that the copy_from_user() doesn't overflow the buffer.

Also further down in the function, we assume that if
"param->u.wpa_associate.wpa_ie_len" is set then "abyWPAIE[0]" is
initialized.  To make that work, I changed the test here to say that if
"wpa_ie_len" is set then "wpa_ie" has to be a valid pointer or we return
-EINVAL.

Oddly, we only use the first element of the abyWPAIE[] array.  So I
suspect there may be some other issues in this function.

Signed-off-by: Dan Carpenter <error27@gmail.com>
Cc: stable <stable@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2010-09-20 16:31:54 -07:00
..
adis16255
Staging: adis16255: missing spacess in log messages added
2010-06-18 15:16:20 -07:00
asus_oled
Staging: asus_oled: asus_oled.c: Checkpatch cleanup
2010-05-11 11:35:30 -07:00
batman-adv
Revert: "Staging: batman-adv: Adding netfilter-bridge hooks"
2010-09-20 16:31:54 -07:00
comedi
staging: comedi das08_cs.c: Fix io_req_t conversion
2010-09-03 17:37:15 -07:00
crystalhd
Staging: autoconvert trivial BKL users to private mutex
2010-07-22 11:10:29 -07:00
cx25821
Staging: Merge staging-next into Linus's tree
2010-08-05 14:18:03 -07:00
cxt1e1
Staging: cxt1e1: remove code guarded by GENERIC_HDLC_VERSION
2010-06-18 15:20:59 -07:00
dream
Staging: dream: pmem: remove casts from void*
2010-07-08 13:49:36 -07:00
dt3155v4l
Staging: dt3155v4l: correcting a pointer mismatch bug and cleanups
2010-06-18 16:50:04 -07:00
easycap
staging: Pushdown bkl to easycap ioctl handlers
2010-08-09 03:28:40 +02:00
echo
staging: trivial: fix typo "seperate"
2010-05-14 13:16:10 -07:00
et131x
Staging: et131x: Small format/style tidyups
2010-06-17 16:08:45 -07:00
frontier
staging: frontier: switch semaphores to mutexes
2010-05-11 11:35:33 -07:00
go7007
i2c: Remove all i2c_set_clientdata(client, NULL) in drivers
2010-06-03 11:33:58 +02:00
hv
staging: hv: Fixed lockup problem with bounce_buffer scatter list
2010-09-03 17:37:15 -07:00
iio
staging: iio: ring_sw Fix pointer arithmetic for 64bit arches by using phys_addr_t
2010-08-02 17:06:04 -07:00
line6
Staging: line6: needs to select SND_PCM
2010-07-28 08:20:55 -07:00
lirc
V4L/DVB: STAGING: remove lirc_ene0100 driver
2010-08-08 23:43:00 -03:00
memrar
Staging: Merge staging-next into Linus's tree
2010-08-05 14:18:03 -07:00
mrst-touchscreen
Staging: mrst-touchscreen: fix dereferencing free memory
2010-06-30 08:18:14 -07:00
msm
staging: msm: remove video drivers for obsolete platforms
2010-07-26 15:39:31 -07:00
octeon
Staging: octeon: depends on NETDEVICES
2010-09-03 17:37:16 -07:00
otus
Staging: comedi : fix brace coding style issue in wwrap.c
2010-08-02 18:27:42 -07:00
panel
staging: panel: fix error path
2010-08-02 18:23:45 -07:00
phison
Staging: phison: depends on ATA_BMDMA
2010-06-04 13:38:57 -07:00
pohmelfs
fs: fs_struct rwlock to spinlock
2010-08-18 08:35:46 -04:00
quatech_usb2
Staging: quatech_usb2: remove unused qt2_box_flush function
2010-08-02 18:25:27 -07:00
quickstart
Staging: quickstart: depends on INPUT
2010-08-02 18:12:46 -07:00
rt2860
Staging: rt2870sta: Add more device IDs from vendor drivers
2010-09-03 17:37:15 -07:00
rt2870
Staging: rt2870: Allow building on ARM
2010-05-11 11:35:55 -07:00
rtl8187se
param: remove unnecessary writable charp
2010-08-11 23:04:27 +09:30
rtl8192e
param: remove unnecessary writable charp
2010-08-11 23:04:27 +09:30
rtl8192su
param: remove unnecessary writable charp
2010-08-11 23:04:27 +09:30
rtl8192u
Staging: Merge staging-next into Linus's tree
2010-08-05 14:18:03 -07:00
samsung-laptop
backlight: Allow properties to be passed at registration
2010-03-16 19:47:54 +00:00
serqt_usb2
Staging: serqt_usb2: fix space coding style issue in serqt_usb2.c
2010-05-11 11:35:54 -07:00
slicoss
Staging: slicoss: Remove net_device_stats from the driver's private
2010-08-02 18:25:26 -07:00
sm7xx
staging: sm7xx: Fixup of the section mismatch
2010-07-22 14:32:59 -07:00
solo6x10
Staging: solo: add delay.h header
2010-07-08 13:57:58 -07:00
spectra
Staging: spectra: depend on X86_MRST
2010-09-03 17:37:16 -07:00
ti-st
Staging: ti-st: update TODO
2010-08-02 18:28:40 -07:00
tidspbridge
staging: ti dspbridge: avoid errors if stream id is zero
2010-08-02 17:11:03 -07:00
tm6000
V4L/DVB: tm6000-input: Make checkpatch.pl happy
2010-08-02 15:29:35 -03:00
udlfb
Merge git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging-2.6
2010-05-21 15:26:46 -07:00
usbip
USB: convert usb_hcd bitfields into atomic flags
2010-08-10 14:35:37 -07:00
vme
Staging: autoconvert trivial BKL users to private mutex
2010-07-22 11:10:29 -07:00
vt6655
Staging: vt6655: fix buffer overflow
2010-09-20 16:31:54 -07:00
vt6656
staging: vt6656: removed NTSTATUS definition
2010-08-02 18:19:04 -07:00
winbond
Staging: Merge staging-next into Linus's tree
2010-08-05 14:18:03 -07:00
wlags49_h2
Merge git://git.kernel.org/pub/scm/linux/kernel/git/brodo/pcmcia-2.6
2010-08-06 12:25:06 -07:00
wlags49_h25
Staging: wlags49_h2, wlags49_h25: fixed Kconfig dependencies
2010-06-04 13:38:57 -07:00
wlan-ng
Staging: wlan-ng: Explicitly set some fields in cfg80211 interface
2010-09-03 17:37:16 -07:00
xgifb
Staging: xgifb: increase VBIOS_VER_MAX_LENGTH to 5
2010-06-22 14:33:36 -07:00
zram
Staging: zram: free device memory when init fails
2010-09-03 17:37:15 -07:00
Kconfig
Staging: sep: remove driver
2010-08-23 18:15:38 -07:00
Makefile
Staging: sep: remove driver
2010-08-23 18:15:38 -07:00
staging.c
Staging: workaround build system bug
2008-10-13 14:32:52 -07:00