From c1ea8487f35d3f4dea574552afda6a1637f98bbb Mon Sep 17 00:00:00 2001 From: Jeff Johnson Date: Thu, 15 Jun 2017 12:47:46 -0700 Subject: qcacld-2.0: Properly validate QCA_WLAN_VENDOR_ATTR_NDP_IFACE_STR Currently the QCA_WLAN_VENDOR_ATTR_NDP_IFACE_STR nla_policy specifies a type of NLA_STRING, but the underlying implementation expects a NUL-terminated string. Update the policy to correctly use a type of NLA_NUL_STRING with the len updated to remove the allocation needed for the terminating NUL. Change-Id: Ic73241511ab73ae63fd7c1a8d6422da91931919c CRs-Fixed: 2061688 --- CORE/HDD/src/wlan_hdd_nan_datapath.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/CORE/HDD/src/wlan_hdd_nan_datapath.c b/CORE/HDD/src/wlan_hdd_nan_datapath.c index 2a2e6e4..d29a23a 100644 --- a/CORE/HDD/src/wlan_hdd_nan_datapath.c +++ b/CORE/HDD/src/wlan_hdd_nan_datapath.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016 The Linux Foundation. All rights reserved. + * Copyright (c) 2016-2017 The Linux Foundation. All rights reserved. * * Previously licensed under the ISC license by Qualcomm Atheros, Inc. * @@ -40,8 +40,8 @@ static const struct nla_policy qca_wlan_vendor_ndp_policy[QCA_WLAN_VENDOR_ATTR_NDP_PARAMS_MAX + 1] = { [QCA_WLAN_VENDOR_ATTR_NDP_SUBCMD] = { .type = NLA_U32 }, [QCA_WLAN_VENDOR_ATTR_NDP_TRANSACTION_ID] = { .type = NLA_U16 }, - [QCA_WLAN_VENDOR_ATTR_NDP_IFACE_STR] = { .type = NLA_STRING, - .len = IFNAMSIZ }, + [QCA_WLAN_VENDOR_ATTR_NDP_IFACE_STR] = { .type = NLA_NUL_STRING, + .len = IFNAMSIZ - 1 }, [QCA_WLAN_VENDOR_ATTR_NDP_SERVICE_INSTANCE_ID] = { .type = NLA_U32 }, [QCA_WLAN_VENDOR_ATTR_NDP_CHANNEL] = { .type = NLA_U32 }, [QCA_WLAN_VENDOR_ATTR_NDP_PEER_DISCOVERY_MAC_ADDR] = { -- cgit v1.1