averello/linux-stable-mirror
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2026-04-29 12:28:27 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
41eedf39dfb145fb8fa04cd5b799f7bdc7679696
linux-stable-mirror/drivers
T
History
Dan Carpenter 41eedf39df rndis_wlan: integer overflows in rndis_wlan_do_link_up_work() 
If "offset" is negative then we can get past this check:
	if (offset > CONTROL_BUFFER_SIZE)
Or if we pick a very high "req_ie_len" then we can get around the check:
	if (offset + req_ie_len > CONTROL_BUFFER_SIZE)

I made "resp_ie_len" and "req_ie_len" unsigned.  I don't know if it was
intentional that they were signed in the original.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Jussi Kivilinna <jussi.kivilinna@mbnet.fi>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-03-05 15:23:15 -05:00
..
accessibility
module_param: make bool parameters really bool (drivers & misc)
2012-01-13 09:32:20 +10:30
acpi
Merge branch 'release' of git://git.kernel.org/pub/scm/linux/kernel/git/lenb/linux
2012-01-18 15:51:48 -08:00
amba
ata
[libata] ata_piix: Add Toshiba Satellite Pro A120 to the quirks list
2012-01-17 20:50:53 -05:00
atm
module_param: make bool parameters really bool (drivers & misc)
2012-01-13 09:32:20 +10:30
auxdisplay
base
Merge tag 'pm-fixes-for-3.3' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm
2012-01-23 15:11:27 -08:00
bcma
bcma: add support for sprom not found on the device
2012-03-05 15:20:50 -05:00
block
nvme: fix merge error due to change of 'make_request_fn' fn type
2012-01-18 15:41:27 -08:00
bluetooth
Bluetooth: btusb: Add vendor specific ID (0a5c 21f3) for BCM20702A0
2012-02-15 13:09:26 +02:00
cdrom
block: add and use scsi_blk_cmd_ioctl
2012-01-14 15:07:24 -08:00
char
tpm: fix (ACPI S3) suspend regression
2012-01-18 15:50:17 -08:00
clk
clocksource
connector
cpufreq
cpuidle
crypto
dca
devfreq
dio
dma
Merge branch 'next' of git://git.infradead.org/users/vkoul/slave-dma
2012-01-17 18:40:24 -08:00
edac
module_param: make bool parameters really bool (drivers & misc)
2012-01-13 09:32:20 +10:30
eisa
firewire
module_param: make bool parameters really bool (drivers & misc)
2012-01-13 09:32:20 +10:30
firmware
Merge commit '070680218379e15c1901f4bf21b98e3cbf12b527' into stable/for-linus-fixes-3.3
2012-01-12 11:53:55 -05:00
gpio
gpio: tps65910: Use correct offset for gpio initialization
2012-01-18 13:48:43 -07:00
gpu
gma500: Fix shmem mapping
2012-01-24 10:25:03 -08:00
hid
module_param: make bool parameters really bool (drivers & misc)
2012-01-13 09:32:20 +10:30
hv
hwmon
hwmon: (adm1031) Fix coding style issues
2012-01-16 22:51:48 +01:00
hwspinlock
i2c
Merge branches 'for-33/i2c/eg20t' and 'for-33/i2c/omap' into for-linus/i2c-33
2012-01-17 23:30:41 +00:00
ide
block: add and use scsi_blk_cmd_ioctl
2012-01-14 15:07:24 -08:00
idle
Merge branches 'einj', 'intel_idle', 'misc', 'srat' and 'turbostat-ivb' into release
2012-01-18 01:15:54 -05:00
ieee802154
infiniband
Merge branch 'for-next-merge' of git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending
2012-01-18 16:29:42 -08:00
input
Merge tag 'for-linus' of git://github.com/rustyrussell/linux
2012-01-14 12:32:16 -08:00
iommu
isdn
Merge tag 'for-linus' of git://github.com/rustyrussell/linux
2012-01-14 12:32:16 -08:00
leds
leds: add led driver for Bachmann's ot200
2012-01-23 08:38:47 -08:00
lguest
macintosh
module_param: make bool parameters really bool (drivers & misc)
2012-01-13 09:32:20 +10:30
mca
md
Merge branch 'for-3.3/core' of git://git.kernel.dk/linux-block
2012-01-15 12:24:45 -08:00
media
Merge branch 'v4l_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media
2012-01-18 12:53:54 -08:00
memstick
module_param: make bool parameters really bool (drivers & misc)
2012-01-13 09:32:20 +10:30
message
mfd
Merge tag 'for-linus' of git://github.com/rustyrussell/linux
2012-01-14 12:32:16 -08:00
misc
Merge branch 'next' of git://git.infradead.org/users/vkoul/slave-dma
2012-01-17 18:40:24 -08:00
mmc
Merge branch 'next' of git://git.infradead.org/users/vkoul/slave-dma
2012-01-17 18:40:24 -08:00
mtd
Merge branch 'next' of git://git.infradead.org/users/vkoul/slave-dma
2012-01-17 18:40:24 -08:00
net
rndis_wlan: integer overflows in rndis_wlan_do_link_up_work()
2012-03-05 15:23:15 -05:00
nfc
NFC: Free sk_buff if nfcwilink_send fails
2012-01-24 14:21:56 -05:00
nubus
of
Merge tags 'devicetree-for-linus' and 'spi-for-linus' of git://git.secretlab.ca/git/linux-2.6
2012-01-14 13:25:55 -08:00
oprofile
parisc
parport
Merge tag 'for-linus' of git://github.com/rustyrussell/linux
2012-01-14 12:32:16 -08:00
pci
kernel-doc: fix new warnings in pci
2012-01-23 08:44:53 -08:00
pcmcia
Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus
2012-01-14 13:05:21 -08:00
pinctrl
platform
module_param: make bool parameters really bool (drivers & misc)
2012-01-13 09:32:20 +10:30
pnp
power
module_param: make bool parameters really bool (drivers & misc)
2012-01-13 09:32:20 +10:30
pps
ps3
ptp
rapidio
regulator
regulator: Fix documentation for of_node parameter of regulator_register()
2012-01-24 10:40:06 -08:00
rtc
Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/sameo/mfd-2.6
2012-01-13 20:43:32 -08:00
s390
module_param: make bool parameters really bool (drivers & misc)
2012-01-13 09:32:20 +10:30
sbus
scsi
Merge tag 'scsi-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi-misc-2.6
2012-01-18 12:35:17 -08:00
sfi
sh
sn
spi
Merge branch 'next' of git://git.infradead.org/users/vkoul/slave-dma
2012-01-17 18:40:24 -08:00
ssb
ssb: remove 5GHz antenna gain from sprom
2012-03-05 15:20:49 -05:00
staging
Merge branch 'v4l_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media
2012-01-15 12:49:56 -08:00
target
tc
telephony
thermal
tty
Merge branch 'next' of git://git.infradead.org/users/vkoul/slave-dma
2012-01-17 18:40:24 -08:00
uio
usb
Merge branch 'next' of git://git.infradead.org/users/vkoul/slave-dma
2012-01-17 18:40:24 -08:00
uwb
vhost
vhost-net: add module alias (v2.1)
2012-01-13 10:12:23 -08:00
video
drivers/video/backlight/l4f00242t03.c: return proper error in l4f00242t03_probe if regulator_get() fails
2012-01-23 08:38:48 -08:00
virt
virtio
vlynq
w1
watchdog
module_param: make bool parameters really bool (drivers & misc)
2012-01-13 09:32:20 +10:30
xen
xen: using EXPORT_SYMBOL requires including export.h
2012-01-18 15:37:49 -08:00
zorro
Kconfig
Makefile