aboutsummaryrefslogtreecommitdiff
path: root/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_cfg80211.c
diff options
context:
space:
mode:
Diffstat (limited to 'drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_cfg80211.c')
-rw-r--r--drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_cfg80211.c8
1 files changed, 6 insertions, 2 deletions
diff --git a/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_cfg80211.c b/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_cfg80211.c
index 013a2db6b2ab..e45b70456011 100644
--- a/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_cfg80211.c
+++ b/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_cfg80211.c
@@ -2871,7 +2871,7 @@ __wlan_hdd_cfg80211_extscan_set_ssid_hotlist(struct wiphy *wiphy,
struct hdd_ext_scan_context *context;
uint32_t request_id;
char ssid_string[SIR_MAC_MAX_SSID_LENGTH + 1];
- int ssid_len;
+ int ssid_len, ssid_length;
eHalStatus status;
int i, rem, retval;
unsigned long rc;
@@ -2950,12 +2950,16 @@ __wlan_hdd_cfg80211_extscan_set_ssid_hotlist(struct wiphy *wiphy,
hddLog(LOGE, FL("attr ssid failed"));
goto fail;
}
- nla_memcpy(ssid_string,
+ ssid_length = nla_strlcpy(ssid_string,
tb2[PARAM_SSID],
sizeof(ssid_string));
hddLog(LOG1, FL("SSID %s"),
ssid_string);
ssid_len = strlen(ssid_string);
+ if (ssid_length > SIR_MAC_MAX_SSID_LENGTH) {
+ hddLog(LOGE, FL("Invalid ssid length"));
+ goto fail;
+ }
memcpy(request->ssids[i].ssid.ssId, ssid_string, ssid_len);
request->ssids[i].ssid.length = ssid_len;
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-24 06:55:27 +0000