On Fri, Feb 26, 2021 at 01:27:25PM +0000, Lee Gibson wrote: > Function _rtl92e_wx_set_scan calls memcpy without checking the length. > A user could control that length and trigger a buffer overflow. > Fix by checking the length is within the maximum allowed size. > > Changes in v2: > Changed to use min_t as per useful suggestions This kind of information is supposed to go below the --- cut off line > > Signed-off-by: Lee Gibson <leegib@xxxxxxxxx> > --- ^^^ here. regards, dan carpenter _______________________________________________ devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxx http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel