mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity
linux-stable/net
History
Sven Eckelmann 3c12d04868 cfg80211: initialize sinfo in cfg80211_get_station 
Most of the implementations behind cfg80211_get_station will not initialize
sinfo to zero before manipulating it. For example, the member "filled",
which indicates the filled in parts of this struct, is often only modified
by enabling certain bits in the bitfield while keeping the remaining bits
in their original state. A caller without a preinitialized sinfo.filled can
then no longer decide which parts of sinfo were filled in by
cfg80211_get_station (or actually the underlying implementations).

cfg80211_get_station must therefore take care that sinfo is initialized to
zero. Otherwise, the caller may tries to read information which was not
filled in and which must therefore also be considered uninitialized. In
batadv_v_elp_get_throughput's case, an invalid "random" expected throughput
may be stored for this neighbor and thus the B.A.T.M.A.N V algorithm may
switch to non-optimal neighbors for certain destinations.

Fixes: 7406353d43 ("cfg80211: implement cfg80211_get_station cfg80211 API")
Reported-by: Thomas Lauer <holminateur@gmail.com>
Reported-by: Marcel Schmidt <ff.z-casparistrasse@mailbox.org>
Cc: b.a.t.m.a.n@lists.open-mesh.org
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
 		2018-06-15 13:01:47 +02:00
..
6lowpan
9p net/9p/trans_xen.c: don't inclide rwlock.h directly 2018-06-07 17:34:34 -07:00
802
8021q Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2018-06-06 18:39:49 -07:00
appletalk Merge branch 'work.aio-1' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-06-04 13:57:43 -07:00
atm Merge branch 'work.aio-1' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-06-04 13:57:43 -07:00
ax25 Merge branch 'work.aio-1' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-06-04 13:57:43 -07:00
batman-adv Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2018-05-26 19:46:15 -04:00
bluetooth Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2018-06-06 18:39:49 -07:00
bpf bpf: making bpf_prog_test run aware of possible data_end ptr change 2018-04-18 23:34:16 +02:00
bpfilter bpfilter: fix race in pipe access 2018-06-07 20:07:28 -04:00
bridge Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf 2018-06-11 14:24:32 -07:00
caif net/caif: convert to ->poll_mask 2018-05-26 09:16:44 +02:00
can Merge branch 'work.aio-1' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-06-04 13:57:43 -07:00
ceph - Introduce arithmetic overflow test helper functions (Rasmus) 2018-06-06 17:27:14 -07:00
core Revert "net: do not allow changing SO_REUSEADDR/SO_REUSEPORT on bound sockets" 2018-06-12 11:09:23 -07:00
dcb net/dcb: Add dcbnl buffer attribute 2018-05-24 14:22:59 -07:00
dccp Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2018-06-06 18:39:49 -07:00
decnet Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2018-06-06 18:39:49 -07:00
dns_resolver KEYS: DNS: limit the length of option strings 2018-04-17 15:17:41 -04:00
dsa net: dsa: add error handling for pskb_trim_rcsum 2018-06-11 14:19:38 -07:00
ethernet net: core: rework basic flow dissection helper 2018-05-08 00:02:36 -04:00
hsr
ieee802154 Merge branch 'work.aio-1' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-06-04 13:57:43 -07:00
ife net: sched: ife: check on metadata length 2018-04-22 21:12:00 -04:00
ipv4 tcp: verify the checksum of the first data segment in a new connection 2018-06-14 17:04:41 -07:00
ipv6 tcp: verify the checksum of the first data segment in a new connection 2018-06-14 17:04:41 -07:00
iucv net/iucv: convert to ->poll_mask 2018-05-26 09:16:44 +02:00
kcm Merge branch 'work.aio-1' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-06-04 13:57:43 -07:00
key Merge branch 'work.aio-1' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-06-04 13:57:43 -07:00
l2tp l2tp: clean up stale tunnel or session in pppol2tp_connect's error path 2018-06-14 17:10:19 -07:00
l3mdev
lapb
llc Merge branch 'work.aio-1' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-06-04 13:57:43 -07:00
mac80211 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2018-05-26 19:46:15 -04:00
mac802154 net/mac802154: disambiguate mac80215 vs mac802154 trace events 2018-03-28 22:55:18 +02:00
mpls net: Drop pernet_operations::async 2018-03-27 13:18:09 -04:00
ncsi net/ncsi: Avoid GFP_KERNEL in response handler 2018-06-03 10:42:07 -04:00
netfilter netfilter: nf_conncount: Fix garbage collection with zones 2018-06-12 20:07:07 +02:00
netlabel audit: use inline function to get audit context 2018-05-14 17:24:18 -04:00
netlink Merge branch 'work.aio-1' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-06-04 13:57:43 -07:00
netrom Merge branch 'work.aio-1' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-06-04 13:57:43 -07:00
nfc Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2018-06-06 18:39:49 -07:00
nsh nsh: fix infinite loop 2018-05-04 12:54:38 -04:00
openvswitch openvswitch: Support conntrack zone limit 2018-05-25 16:45:19 -04:00
packet net: in virtio_net_hdr only add VLAN_HLEN to csum_start if payload holds vlan 2018-06-07 16:15:38 -04:00
phonet Merge branch 'work.aio-1' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-06-04 13:57:43 -07:00
psample
qrtr Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2018-06-06 18:39:49 -07:00
rds Merge candidates for 4.17-rc 2018-06-02 09:55:44 -07:00
rfkill rfkill: Create rfkill-none LED trigger 2018-05-23 11:26:45 +02:00
rose Merge branch 'work.aio-1' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-06-04 13:57:43 -07:00
rxrpc Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2018-06-06 18:39:49 -07:00
sched net/sched: act_simple: fix parsing of TCA_DEF_DATA 2018-06-08 18:49:19 -04:00
sctp sctp: define sctp_packet_gso_append to build GSO frames 2018-06-14 10:25:53 -07:00
smc smc: convert to ->poll_mask 2018-06-12 15:37:09 -07:00
strparser strparser: Add __strp_unpause and use it in ktls. 2018-06-06 14:07:53 -04:00
sunrpc Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-06-04 10:14:28 -07:00
switchdev
tipc Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2018-06-06 18:39:49 -07:00
tls tls: fix NULL pointer dereference on poll 2018-06-11 16:29:54 -07:00
unix Merge branch 'work.aio-1' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-06-04 13:57:43 -07:00
vmw_vsock net/vmw_vsock: convert to ->poll_mask 2018-05-26 09:16:44 +02:00
wimax
wireless cfg80211: initialize sinfo in cfg80211_get_station 2018-06-15 13:01:47 +02:00
x25 Merge branch 'work.aio-1' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-06-04 13:57:43 -07:00
xdp xsk: silence warning on memory allocation failure 2018-06-11 23:49:07 +02:00
xfrm Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2018-06-06 18:39:49 -07:00
Kconfig net: Introduce generic failover module 2018-05-28 22:59:54 -04:00
Makefile bpfilter: switch to CC from HOSTCC 2018-06-05 10:21:18 -04:00
compat.c net: support compat 64-bit time in {s,g}etsockopt 2018-04-27 19:46:06 -04:00
socket.c socket: close race condition between sock_close() and sockfs_setattr() 2018-06-10 12:25:53 -07:00
sysctl_net.c net: Drop pernet_operations::async 2018-03-27 13:18:09 -04:00