forge/linux-uconsole
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions
linux-uconsole/net/wireless
History
Johannes Berg b381cabc48 wext: fix potential private ioctl memory content leak 
commit df6d02300f upstream.

When a driver doesn't fill the entire buffer, old
heap contents may remain, and if it also doesn't
update the length properly, this old heap content
will be copied back to userspace.

It is very unlikely that this happens in any of
the drivers using private ioctls since it would
show up as junk being reported by iwpriv, but it
seems better to be safe here, so use kzalloc.

Reported-by: Jeff Mahoney <jeffm@suse.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2010-10-28 21:44:02 -07:00
..
chan.c cfg80211: fix locking for SIWFREQ 2009-08-14 09:13:51 -04:00
core.c headers: remove sched.h from interrupt.h 2009-10-11 11:20:58 -07:00
core.h wireless: report reasonable bitrate for MCS rates through wext 2010-07-05 11:11:11 -07:00
debugfs.c cfg80211: clean up naming once and for all 2009-07-10 15:02:33 -04:00
debugfs.h cfg80211: clean up naming once and for all 2009-07-10 15:02:33 -04:00
ibss.c cfg80211: make spurious warnings less likely, configurable 2009-08-28 14:40:30 -04:00
Kconfig wireless: update cfg80211 kconfig entry 2009-09-08 16:31:06 -04:00
lib80211.c lib80211: consolidate crypt init routines 2008-11-21 11:08:17 -05:00
lib80211_crypt_ccmp.c lib80211: silence excessive crypto debugging messages 2009-03-16 18:01:58 -04:00
lib80211_crypt_tkip.c lib80211: silence excessive crypto debugging messages 2009-03-16 18:01:58 -04:00
lib80211_crypt_wep.c lib80211: absorb crypto bits from net/ieee80211 2008-11-21 11:08:17 -05:00
Makefile cfg80211: validate channel settings across interfaces 2009-08-14 09:13:42 -04:00
mlme.c cfg80211: ignore spurious deauth 2010-08-10 10:20:42 -07:00
nl80211.c wireless: report reasonable bitrate for MCS rates through wext 2010-07-05 11:11:11 -07:00
nl80211.h cfg80211: fix locking 2009-07-10 15:02:32 -04:00
radiotap.c wireless: use get/put_unaligned_* helpers 2008-05-14 16:29:32 -04:00
reg.c cfg80211: fix syntax error on user regulatory hints 2010-01-18 10:19:45 -08:00
reg.h Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2009-08-12 17:44:53 -07:00
scan.c cfg80211: don't get expired BSSes 2010-08-10 10:20:43 -07:00
sme.c cfg80211: fix channel setting for wext 2010-01-28 15:02:38 -08:00
sysfs.c cfg80211: rename cfg80211_registered_device's idx to wiphy_idx 2009-02-27 14:52:54 -05:00
sysfs.h
util.c wireless: report reasonable bitrate for MCS rates through wext 2010-07-05 11:11:11 -07:00
wext-compat.c wireless extensions: fix kernel heap content leak 2010-09-20 13:17:56 -07:00
wext-compat.h cfg80211: validate channel settings across interfaces 2009-08-14 09:13:42 -04:00
wext-sme.c cfg80211: don't set privacy w/o key 2009-09-28 16:55:04 -04:00
wext.c wext: fix potential private ioctl memory content leak 2010-10-28 21:44:02 -07:00