diff options
| author | Kevin Cernekee <cernekee@google.com> | 2015-09-02 02:47:06 +0000 |
|---|---|---|
| committer | Android Git Automerger <android-git-automerger@android.com> | 2015-09-02 02:47:06 +0000 |
| commit | 6bd9d1719a67d3c917264bb4450fd9c2f69d64c3 (patch) | |
| tree | a3f458013449127c08ec209bea0ad67932e48c6d | |
| parent | e98f97f08bb17434409ff415ab19de50bca79707 (diff) | |
| parent | 5e13633c3a36a0b80015b54d13b42fd337ef62ac (diff) | |
| download | hardware_broadcom_wlan-6bd9d1719a67d3c917264bb4450fd9c2f69d64c3.tar.gz hardware_broadcom_wlan-6bd9d1719a67d3c917264bb4450fd9c2f69d64c3.tar.bz2 hardware_broadcom_wlan-6bd9d1719a67d3c917264bb4450fd9c2f69d64c3.zip | |
am 5e13633c: Merge "wifi_hal: Fix array overflow retrieving gscan results" into mnc-dr-dev
* commit '5e13633c3a36a0b80015b54d13b42fd337ef62ac':
wifi_hal: Fix array overflow retrieving gscan results
| -rw-r--r-- | bcmdhd/wifi_hal/gscan.cpp | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/bcmdhd/wifi_hal/gscan.cpp b/bcmdhd/wifi_hal/gscan.cpp index 8a21a0d..9f5669a 100644 --- a/bcmdhd/wifi_hal/gscan.cpp +++ b/bcmdhd/wifi_hal/gscan.cpp @@ -935,6 +935,10 @@ public: num = it2.get_u32(); ALOGV("retrieved num_results: %d", num); } else if (it2.get_type() == GSCAN_ATTRIBUTE_SCAN_RESULTS) { + if (mRetrieved >= mMax) { + ALOGW("Stored %d scans, ignoring excess results", mRetrieved); + break; + } num = it2.get_len() / sizeof(wifi_scan_result); num = min(MAX_RESULTS - mNextScanResult, num); num = min((int)MAX_AP_CACHE_PER_SCAN, num); @@ -956,9 +960,6 @@ public: &(mScanResults[mNextScanResult]), num * sizeof(wifi_scan_result)); mNextScanResult += num; mRetrieved++; - if (mRetrieved >= mMax && it.has_next()) { - ALOGW("Ignoring attributes after this scan"); - } } else { ALOGW("Ignoring invalid attribute type = %d, size = %d", it.get_type(), it.get_len()); |