Re: [PATCH] Staging: prevent rtl8187se from crashing dev_ioctl() in SIOCGIWNAME

From: Bartlomiej Zolnierkiewicz
Date: Sat Jun 20 2009 - 16:45:45 EST

Next message: Jaswinder Singh Rajput: "[PATCH -tip RESEND] x86: asm/types.h remove irrelevant comment foruserspace"
Previous message: Jaswinder Singh Rajput: "[PATCH -tip RESEND] x86: asm/termios.h remove irrelevant commentfor userspace"
In reply to: Dan Aloni: "[PATCH] Staging: prevent rtl8187se from crashing dev_ioctl() inSIOCGIWNAME"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Saturday 20 June 2009 15:32:22 Dan Aloni wrote:
> I repeatedly get __stack_chk_fail panic()s with this driver before
> applying the attached fix.
>
> ieee80211_wx_get_name() ignores sizeof(wrqu->name) which is IFNAMSIZ (16), and
> on certain conditions, the concatenated string will be larger than IFNAMSIZ
> including the terminating zero.
>
> length ("802.11" ++ "b" ++ "/g" ++ " linked" ++ "\x00") == 17
>
> This fix uses strl{cpy,cat} in addition to the reduction of the total
> possible length of the output string by a char.
>
> It can be applied to 2.6.30-stable as well.

Recently added rtl8192su driver seems to also need it, care to port the fix?
(http://patchwork.kernel.org/patch/29630/ is needed to build rtl8192su ATM)
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jaswinder Singh Rajput: "[PATCH -tip RESEND] x86: asm/types.h remove irrelevant comment foruserspace"
Previous message: Jaswinder Singh Rajput: "[PATCH -tip RESEND] x86: asm/termios.h remove irrelevant commentfor userspace"
In reply to: Dan Aloni: "[PATCH] Staging: prevent rtl8187se from crashing dev_ioctl() inSIOCGIWNAME"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]