Search Linux Wireless

Re: [patch 1/4] rndis_wlan: integer overflows in rndis_wlan_do_link_up_work()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Wed, Feb 29, 2012 at 09:21:29AM +0100, walter harms wrote:
> >  			resp_ie_len = le32_to_cpu(info->resp_ie_length);
> > +			if (resp_ie_len > CONTROL_BUFFER_SIZE)
> > +				resp_ie_len = CONTROL_BUFFER_SIZE;
> >  			if (resp_ie_len > 0) {
> >  				offset = le32_to_cpu(info->offset_resp_ies);
> > 
> 
> 
> hi dan,
> the check below  "if (resp_ie_len > 0)" looks strange for an unsigned.
> 

Good point.  I'll resend.

regards,
dan carpenter

Attachment: signature.asc
Description: Digital signature

[Index of Archives]     [Linux Host AP]     [ATH6KL]     [Linux Wireless Personal Area Network]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Linux Kernel]     [IDE]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite Hiking]     [MIPS Linux]     [ARM Linux]     [Linux RAID]

  Powered by Linux