iwlwifi: mvm: check return value of rs_rate_from_ucode_rate() - kernel/linux.git

diff options

author	Luca Coelho <luciano.coelho@intel.com>	2018-10-13 09:46:08 +0300
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2018-11-13 22:08:41 +0300
commit	3fa2721424654eae32d14a8374420aa17a0c1255 (patch)
tree	34febb349a9127d7b6daac8dd38a5571161dcae3 /net/ipv4
parent	77f61e7043bfd7ee5ef954383591b3ae544988b0 (diff)
download	linux-3fa2721424654eae32d14a8374420aa17a0c1255.tar.xz

iwlwifi: mvm: check return value of rs_rate_from_ucode_rate()

commit 3d71c3f1f50cf309bd20659422af549bc784bfff upstream. The rs_rate_from_ucode_rate() function may return -EINVAL if the rate is invalid, but none of the callsites check for the error, potentially making us access arrays with index IWL_RATE_INVALID, which is larger than the arrays, causing an out-of-bounds access. This will trigger KASAN warnings, such as the one reported in the bugzilla issue mentioned below. This fixes https://bugzilla.kernel.org/show_bug.cgi?id=200659 Cc: stable@vger.kernel.org Signed-off-by: Luca Coelho <luciano.coelho@intel.com> Signed-off-by: Kalle Valo <kvalo@codeaurora.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Diffstat (limited to 'net/ipv4')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: