On Thu, 2023-08-10 at 16:54 -0700, Brian Norris wrote:
> On Thu, Aug 10, 2023 at 09:32:57AM +0200, Johannes Berg wrote:
> > On Wed, 2023-08-09 at 21:58 +0000, Polaris Pi wrote:
> > > Make sure mwifiex_process_mgmt_packet,
> > > mwifiex_process_sta_rx_packet and mwifiex_process_uap_rx_packet,
> > > mwifiex_uap_queue_bridged_pkt and mwifiex_process_rx_packet
> > > not out-of-bounds access the skb->data buffer.
> > >
> > > Fixes: 2dbaf751b1de ("mwifiex: report received management frames to cfg80211")
> > > Signed-off-by: Polaris Pi <pinkperfect2021@xxxxxxxxx>
> > > ---
> > > V5: Follow chromeos comments: preserve the original flow of mwifiex_process_uap_rx_packet
> > > V6: Simplify check in mwifiex_process_uap_rx_packet
> > > V7: Fix drop packets issue when auotest V6, now pass manual and auto tests
> > > V8: Fix missing return after free skb
> > >
> >
> > Arguably, as Brian also said, that missing return is completely
> > unrelated and should perhaps be a separate commit?
>
> I think the key here is that Polaris's buggy patch has already been
> applied, so this v8 doesn't really work. He has since submitted a proper
> fixup patch that applies appropriately, and I've Ack'd that.
>
Right, sorry, I missed that, was looking only at wireless, not wireless-
next.
Thanks all, I'll leave the -next patches for Kalle though :)
johannes
