From: Dan Rosenberg <dan.j.rosenberg@gmail.com>
Date: Mon, 25 Jun 2012 14:05:27 +0000 (+0200)
Subject: NFC: Prevent multiple buffer overflows in NCI
X-Git-Tag: v3.2.23~44
X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ec5b2b02eedb2c3471d5a87ba0f72d11b04c2af1;p=pandora-kernel.git

NFC: Prevent multiple buffer overflows in NCI

commit 67de956ff5dc1d4f321e16cfbd63f5be3b691b43 upstream.

Fix multiple remotely-exploitable stack-based buffer overflows due to
the NCI code pulling length fields directly from incoming frames and
copying too much data into statically-sized arrays.

Signed-off-by: Dan Rosenberg <dan.j.rosenberg@gmail.com>
Cc: security@kernel.org
Cc: Lauro Ramos Venancio <lauro.venancio@openbossa.org>
Cc: Aloisio Almeida Jr <aloisio.almeida@openbossa.org>
Cc: Samuel Ortiz <sameo@linux.intel.com>
Cc: David S. Miller <davem@davemloft.net>
Acked-by: Ilan Elias <ilane@ti.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
[bwh: Backported to 3.2:
 - Drop changes to parsing of tech B and tech F parameters
 - Various renaming]
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
---

Reading git-diff-tree failed