Page MenuHomeFreeBSD
Differential D32341

net80211: proper ssid length check in setmlme_assoc_adhoc()
ClosedPublic
Actions

Authored by bz on Oct 6 2021, 6:50 PM.
Tags
None
Referenced Files
F102101659: D32341.diff
Thu, Nov 7, 3:25 PM
Unknown Object (File)
Wed, Oct 9, 3:21 PM
Unknown Object (File)
Oct 8 2024, 5:57 AM
Unknown Object (File)
Oct 5 2024, 6:08 AM
Unknown Object (File)
Oct 5 2024, 4:35 AM
Unknown Object (File)
Oct 2 2024, 6:06 AM
Unknown Object (File)
Sep 26 2024, 12:41 PM
Unknown Object (File)
Sep 24 2024, 6:03 AM
View All 66 Files
Subscribers
imp
melifaro

Details

Reviewers
emaste
adrian
Group Reviewers
wireless
Commits
rG526370fb85db: net80211: proper ssid length check in setmlme_assoc_adhoc()
Summary

A user supplied SSID length is used without proper checks in
setmlme_assoc_adhoc() which can lead to copies beyond the end
of the user supplied buffer.
The ssid is a fixed size array for the ioctl and the argument
to setmlme_assoc_adhoc().
In addition to an ssid_len check of 0 also error in case the
ssid_len is larger than the size of the ssid array to prevent
problems.

PR: 254737
Reported by: Tommaso (cutesmilee.research protonmail.com)
MFC after: 3 days

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Revision Contents
Changeset List

PathSize
sys/
net80211/
2 lines

Diff 96466

View Options

sys/net80211/ieee80211_ioctl.c

Loading...