On Mon, Mar 19, 2018 at 02:07:45PM +0300, Dan Carpenter wrote:
> If the server is malicious then *bytes_read could be larger than the
> size of the "target" buffer. It would lead to memory corruption when we
> do the memcpy().
>
> Reported-by: Dr Silvio Cesare of InfoSect
> Signed-off-by: Dan C
If the server is malicious then *bytes_read could be larger than the
size of the "target" buffer. It would lead to memory corruption when we
do the memcpy().
Reported-by: Dr Silvio Cesare of InfoSect
Signed-off-by: Dan Carpenter
diff --git a/drivers/staging/ncpfs/ncplib_kernel.c
b/drivers/sta
