DivestOS/Patches/Linux_CVEs/CVE-2017-11014/qcacld-3.0/0001.patch

From ec58bc99e29d89f8e164954999ef8a45cec21754 Mon Sep 17 00:00:00 2001
From: Krishna Kumaar Natarajan <kknatara@codeaurora.org>
Date: Wed, 5 Jul 2017 16:47:45 -0700
Subject: qcacld-3.0: Update lim_compute_crc32() to pass uint16_t

Update lim_compute_crc32() to pass uint16_t as a length type.
Currently uint8_t is being passed as length and there will be type
mismatch when authentication frame to be encrypted will be larger
than 255 bytes.

Change-Id: Ic009197c13a2d70c9015a184acff2e82bf80eaba
CRs-Fixed: 2060959
---
 core/mac/src/pe/lim/lim_security_utils.c | 2 +-
 core/mac/src/pe/lim/lim_security_utils.h | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/core/mac/src/pe/lim/lim_security_utils.c b/core/mac/src/pe/lim/lim_security_utils.c
index c5938c2..1a2964c 100644
--- a/core/mac/src/pe/lim/lim_security_utils.c
+++ b/core/mac/src/pe/lim/lim_security_utils.c
@@ -596,7 +596,7 @@ lim_encrypt_auth_frame(tpAniSirGlobal pMac, uint8_t keyId, uint8_t *pKey,
  * @return None
  */
 
-void lim_compute_crc32(uint8_t *pDest, uint8_t *pSrc, uint8_t len)
+void lim_compute_crc32(uint8_t *pDest, uint8_t *pSrc, uint16_t len)
 {
 	uint32_t crc;
 	int i;
diff --git a/core/mac/src/pe/lim/lim_security_utils.h b/core/mac/src/pe/lim/lim_security_utils.h
index c5b30ba..c3410ea 100644
--- a/core/mac/src/pe/lim/lim_security_utils.h
+++ b/core/mac/src/pe/lim/lim_security_utils.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2011-2015 The Linux Foundation. All rights reserved.
+ * Copyright (c) 2011-2015, 2017 The Linux Foundation. All rights reserved.
  *
  * Previously licensed under the ISC license by Qualcomm Atheros, Inc.
  *
@@ -58,7 +58,7 @@ void lim_restore_from_auth_state(tpAniSirGlobal,
 uint8_t lim_delete_open_auth_pre_auth_node(tpAniSirGlobal mac_ctx);
 
 /* Encryption/Decryption related functions */
-void lim_compute_crc32(uint8_t *, uint8_t *, uint8_t);
+void lim_compute_crc32(uint8_t *, uint8_t *, uint16_t);
 void lim_rc4(uint8_t *, uint8_t *, uint8_t *, uint32_t, uint16_t);
 void lim_encrypt_auth_frame(tpAniSirGlobal, uint8_t, uint8_t *, uint8_t *,
 			    uint8_t *, uint32_t);
-- 
cgit v1.1