Johan Hovold 670a7c5db2 ath9k_htc: fix NULL-deref at probe ...

commit ebeb36670e upstream.

Make sure to check the number of endpoints to avoid dereferencing a
NULL-pointer or accessing memory beyond the endpoint array should a
malicious device lack the expected endpoints.

Fixes: 36bcce4306 ("ath9k_htc: Handle storage devices")
Signed-off-by: Johan Hovold <johan@kernel.org>
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

2017-05-25 14:30:09 +02:00

..

ath

ath9k_htc: fix NULL-deref at probe

2017-05-25 14:30:09 +02:00

b43

Merge tag 'driver-core-4.4-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core

2015-11-04 21:50:37 -08:00

b43legacy

debugfs: Pass bool pointer to debugfs_create_bool()

2015-10-04 11:36:07 +01:00

brcm80211

mac80211: pass block ack session timeout to to driver

2017-05-20 14:27:03 +02:00

cw1200

mac80211: pass block ack session timeout to to driver

2017-05-20 14:27:03 +02:00

hostap

hostap: avoid uninitialized variable use in hfa384x_get_rid

2017-04-30 05:49:28 +02:00

ipw2x00

drivers/net: get rid of unnecessary initializations in .get_drvinfo()

2015-10-16 00:24:10 -07:00

iwlegacy

mac80211: pass block ack session timeout to to driver

2017-05-20 14:27:03 +02:00

iwlwifi

mac80211: pass block ack session timeout to to driver

2017-05-20 14:27:03 +02:00

libertas

spi: Drop owner assignment from spi_drivers

2015-10-28 10:30:17 +09:00

libertas_tf

Merge tag 'modules-next-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux

2015-07-01 10:49:25 -07:00

mediatek

mac80211: pass block ack session timeout to to driver

2017-05-20 14:27:03 +02:00

mwifiex

mwifiex: pcie: fix cmd_buf use-after-free in remove/reset

2017-05-25 14:30:08 +02:00

orinoco

orinoco_usb: return error in ezusb_probe when alloc_orinocodev fails

2015-10-28 20:55:47 +02:00

p54

spi: Drop owner assignment from spi_drivers

2015-10-28 10:30:17 +09:00

prism54

PCI: Remove DEFINE_PCI_DEVICE_TABLE macro use

2014-08-12 12:15:14 -06:00

realtek

rtlwifi: rtl8821ae: setup 8812ae RFE according to device type

2017-05-25 14:30:08 +02:00

rsi

mac80211: pass block ack session timeout to to driver

2017-05-20 14:27:03 +02:00

rt2x00

mac80211: pass block ack session timeout to to driver

2017-05-20 14:27:03 +02:00

ti

wlcore: Add RX_BA_WIN_SIZE_CHANGE_EVENT event

2017-05-20 14:27:03 +02:00

zd1211rw

mac80211: convert HW flags to unsigned long bitmap

2015-06-10 16:05:36 +02:00

adm8211.c

mac80211: convert HW flags to unsigned long bitmap

2015-06-10 16:05:36 +02:00

adm8211.h

…

airo_cs.c

airo_cs: Remove typedef local_info_t

2014-08-11 12:19:53 -07:00

airo.c

airo: fix scan after SIOCSIWAP (airo_set_wap)

2015-10-28 20:54:39 +02:00

airo.h

…

at76c50x-usb.c

mac80211: convert HW flags to unsigned long bitmap

2015-06-10 16:05:36 +02:00

at76c50x-usb.h

mac80211: remove support for IFF_PROMISC

2015-04-24 11:14:13 +02:00

atmel_cs.c

atmel_cs: Remove typedef local_info_t

2014-08-25 16:17:41 -04:00

atmel_pci.c

PCI: Remove DEFINE_PCI_DEVICE_TABLE macro use

2014-08-12 12:15:14 -06:00

atmel.c

wireless: Use eth_<foo>_addr instead of memset

2015-03-03 17:01:36 -05:00

atmel.h

…

Kconfig

New driver: rtl8xxxu (mac80211)

2015-10-21 10:53:29 +03:00

mac80211_hwsim.c

mac80211: pass block ack session timeout to to driver

2017-05-20 14:27:03 +02:00

mac80211_hwsim.h

mac80211-hwsim: Add HWSIM_CMD_GET_RADIO command

2014-11-19 18:59:32 +01:00

Makefile

rtlwifi: rtl818x: Move drivers into new realtek directory

2015-10-14 13:33:10 +03:00

mwl8k.c

mac80211: pass block ack session timeout to to driver

2017-05-20 14:27:03 +02:00

ray_cs.c

ray_cs: Change 1 to true for bool type variable.

2015-06-02 23:30:14 +03:00

ray_cs.h

ray_cs: Add include guards

2014-08-28 14:41:56 -04:00

rayctl.h

ray_cs: Add include guards

2014-08-28 14:41:56 -04:00

rndis_wlan.c

rndis_wlan: fix checking for default value

2015-09-22 16:14:32 -07:00

wl3501_cs.c

…

wl3501.h

…

zd1201.c

…

zd1201.h

…