From: Kalle Valo <kvalo@codeaurora.org>
To: Nicolai Stange <nstange@suse.de>
Cc: "David S. Miller" <davem@davemloft.net>,
Wen Huang <huangwenabc@gmail.com>,
libertas-dev@lists.infradead.org, linux-wireless@vger.kernel.org,
netdev@vger.kernel.org, linux-kernel@vger.kernel.org,
Takashi Iwai <tiwai@suse.de>, Miroslav Benes <mbenes@suse.cz>
Subject: Re: [PATCH 2/2] libertas: make lbs_ibss_join_existing() return error code on rates overflow
Date: Tue, 14 Jan 2020 15:44:30 +0200 [thread overview]
Message-ID: <87k15uqhj5.fsf@codeaurora.org> (raw)
In-Reply-To: <20200114103903.2336-3-nstange@suse.de> (Nicolai Stange's message of "Tue, 14 Jan 2020 11:39:03 +0100")
Nicolai Stange <nstange@suse.de> writes:
> Commit e5e884b42639 ("libertas: Fix two buffer overflows at parsing bss
> descriptor") introduced a bounds check on the number of supplied rates to
> lbs_ibss_join_existing() and made it to return on overflow.
>
> However, the aforementioned commit doesn't set the return value accordingly
> and thus, lbs_ibss_join_existing() would return with zero even though it
> failed.
>
> Make lbs_ibss_join_existing return -EINVAL in case the bounds check on the
> number of supplied rates fails.
>
> Fixes: e5e884b42639 ("libertas: Fix two buffer overflows at parsing bss
> descriptor")
This should be in one line, I'll fix it during commit.
--
https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches
prev parent reply other threads:[~2020-01-14 13:44 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <87woa04t2v.fsf@suse.de>
2020-01-14 10:39 ` [PATCH 0/2] libertas: fix rates overflow code path in lbs_ibss_join_existing() Nicolai Stange
2020-01-14 10:39 ` [PATCH 1/2] libertas: don't exit from lbs_ibss_join_existing() with RCU read lock held Nicolai Stange
2020-01-14 13:43 ` Kalle Valo
2020-01-15 6:21 ` Nicolai Stange
2020-01-26 15:14 ` Kalle Valo
2020-01-27 14:37 ` Kalle Valo
2020-01-14 10:39 ` [PATCH 2/2] libertas: make lbs_ibss_join_existing() return error code on rates overflow Nicolai Stange
2020-01-14 13:44 ` Kalle Valo [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87k15uqhj5.fsf@codeaurora.org \
--to=kvalo@codeaurora.org \
--cc=davem@davemloft.net \
--cc=huangwenabc@gmail.com \
--cc=libertas-dev@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-wireless@vger.kernel.org \
--cc=mbenes@suse.cz \
--cc=netdev@vger.kernel.org \
--cc=nstange@suse.de \
--cc=tiwai@suse.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).