From: Dan Carpenter <dan.carpenter@oracle.com>
Date: Mon, 3 Feb 2014 22:38:35 +0000 (+0300)
Subject: staging: r8188eu: overflow in rtw_p2p_get_go_device_address()
X-Git-Tag: v3.14-rc3~12^2~4
X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e6ff3f4e6d258021fe041d7acf5d013c26bf387b;p=pandora-kernel.git

staging: r8188eu: overflow in rtw_p2p_get_go_device_address()

The go_devadd_str[] array is two characters too small to hold the
address so we corrupt memory.

I've changed the user space API slightly and I don't have a way to test
if this breaks anything.  In the original code we truncated away the
last digit of the address and the NUL terminator so it was already a bit
broken.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Larry Finger <Larry.Finger@lwfinger.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---

Reading git-diff-tree failed