On 09/29/2017 02:51 AM, Dan Carpenter wrote:
I'm not totally certain that it's necessary to put an upper limit here.
I think it happens at lower levels. But if we are going to do that then
we should have a lower bound as well.
Signed-off-by: Dan Carpenter <dan.carpen...@oracle.com>
diff --git a/drivers/staging/rtlwifi/core.c b/drivers/staging/rtlwifi/core.c
index 43b8b9efe25f..b55e18304a60 100644
--- a/drivers/staging/rtlwifi/core.c
+++ b/drivers/staging/rtlwifi/core.c
@@ -412,7 +412,8 @@ static void _rtl_add_wowlan_patterns(struct ieee80211_hw
*hw,
for (i = 0; i < wow->n_patterns; i++) {
memset(&rtl_pattern, 0, sizeof(struct rtl_wow_pattern));
memset(mask, 0, MAX_WOL_BIT_MASK_SIZE);
- if (patterns[i].pattern_len > MAX_WOL_PATTERN_SIZE) {
+ if (patterns[i].pattern_len < 0 ||
+ patterns[i].pattern_len > MAX_WOL_PATTERN_SIZE) {
RT_TRACE(rtlpriv, COMP_POWER, DBG_WARNING,
"Pattern[%d] is too long\n", i);
continue;
In principle, both patches are correct, but perhaps the debug message should be
something like
'"Pattern[%d] has bad length of %d\n", i, patterns[i].pattern_len'
Larry
_______________________________________________
devel mailing list
de...@linuxdriverproject.org
http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel