From: Luciano Coelho Date: Thu, 7 Jul 2011 12:18:27 +0000 (+0300) Subject: mac80211: fix ie memory allocation for scheduled scans X-Git-Tag: firefly_0821_release~3680^2~5062^2~3^2^2~1 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=1186980dafcd14d0e257a4dd6990cefdc6f3e362;p=firefly-linux-kernel-4.4.55.git mac80211: fix ie memory allocation for scheduled scans We were not allocating memory for the IEs passed in the scheduled_scan request and this was causing memory corruption (buffer overflow). Signed-off-by: Luciano Coelho Signed-off-by: John W. Linville --- diff --git a/net/mac80211/scan.c b/net/mac80211/scan.c index 58ffa7d069c7..669d2e32efb6 100644 --- a/net/mac80211/scan.c +++ b/net/mac80211/scan.c @@ -877,7 +877,8 @@ int ieee80211_request_sched_scan_start(struct ieee80211_sub_if_data *sdata, for (i = 0; i < IEEE80211_NUM_BANDS; i++) { local->sched_scan_ies.ie[i] = kzalloc(2 + IEEE80211_MAX_SSID_LEN + - local->scan_ies_len, + local->scan_ies_len + + req->ie_len, GFP_KERNEL); if (!local->sched_scan_ies.ie[i]) { ret = -ENOMEM;