On Thu, Aug 10, 2023 at 09:32:57AM +0200, Johannes Berg wrote:
> On Wed, 2023-08-09 at 21:58 +0000, Polaris Pi wrote:
> > Make sure mwifiex_process_mgmt_packet,
> > mwifiex_process_sta_rx_packet and mwifiex_process_uap_rx_packet,
> > mwifiex_uap_queue_bridged_pkt and mwifiex_process_rx_packet
> > not out-of-bounds access the skb->data buffer.
> >
> > Fixes: 2dbaf751b1de ("mwifiex: report received management frames to cfg80211")
> > Signed-off-by: Polaris Pi <pinkperfect2021@xxxxxxxxx>
> > ---
> > V5: Follow chromeos comments: preserve the original flow of mwifiex_process_uap_rx_packet
> > V6: Simplify check in mwifiex_process_uap_rx_packet
> > V7: Fix drop packets issue when autotest V6, now pass manual and auto tests
> > V8: Fix missing return after free skb
> >
>
> Arguably, as Brian also said, that missing return is completely
> unrelated and should perhaps be a separate commit?

I think the key here is that Polaris's buggy patch has already been
applied, so this v8 doesn't really work. He has since submitted a proper
fixup patch that applies appropriately, and I've Ack'd that.

Brian