staging: r8188eu: overflow in rtw_p2p_get_go_device_address()
The go_devadd_str[] array is two characters too small to hold the address so we corrupt memory. I've changed the user space API slightly and I don't have a way to test if this breaks anything. In the original code we truncated away the last digit of the address and the NUL terminator so it was already a bit broken. Signed-off-by: NDan Carpenter <dan.carpenter@oracle.com> Acked-by: NLarry Finger <Larry.Finger@lwfinger.net> Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Showing
想要评论请 注册 或 登录