탐색 도움말
로그인
GfA
/
linux_kernel
5
0
포크 0
파일 이슈 0 풀 리퀘스트 0 위키
소스 검색

brcmfmac: fix clearing entry IPv6 address

When IPv6 address is to be cleared there is a possible out of
bound access. But also the clearing of the last entry and the
adjustment of total number of stored IPv6 addresses is not
updated. This patch fixes that bug. Bug was found using coverity.

Reviewed-by: Arend Van Spriel <arend.vanspriel@broadcom.com>
Reviewed-by: Franky Lin <franky.lin@broadcom.com>
Reviewed-by: Pieter-Paul Giesberts <pieter-paul.giesberts@broadcom.com>
Signed-off-by: Hante Meuleman <hante.meuleman@broadcom.com>
Signed-off-by: Arend van Spriel <arend.vanspriel@broadcom.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Hante Meuleman 9 년 전
부모
835680b82f
커밋
2b7425f362
1개의 변경된 파일5개의 추가작업 그리고 2개의 파일을 삭제
분할 보기 변경상태 보기
  1. 5 2
      drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c

+ 5 - 2
drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c
파일 보기 

@@ -873,9 +873,12 @@ static int brcmf_inet6addr_changed(struct notifier_block *nb,
 
 		}
 
 		break;
 
 	case NETDEV_DOWN:
 
-		if (i < NDOL_MAX_ENTRIES)
 
-			for (; i < ifp->ipv6addr_idx; i++)
 
+		if (i < NDOL_MAX_ENTRIES) {
 
+			for (; i < ifp->ipv6addr_idx - 1; i++)
 
 				table[i] = table[i + 1];
 
+			memset(&table[i], 0, sizeof(table[i]));
 
+			ifp->ipv6addr_idx--;
 
+		}
 
 		break;
 
 	default:
 
 		break;