Dan Rosenberg 67de956ff5 NFC: Prevent multiple buffer overflows in NCI ...

Fix multiple remotely-exploitable stack-based buffer overflows due to
the NCI code pulling length fields directly from incoming frames and
copying too much data into statically-sized arrays.

Signed-off-by: Dan Rosenberg <dan.j.rosenberg@gmail.com>
Cc: stable@kernel.org
Cc: security@kernel.org
Cc: Lauro Ramos Venancio <lauro.venancio@openbossa.org>
Cc: Aloisio Almeida Jr <aloisio.almeida@openbossa.org>
Cc: Samuel Ortiz <sameo@linux.intel.com>
Cc: David S. Miller <davem@davemloft.net>
Acked-by: Ilan Elias <ilane@ti.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>

2012-06-25 16:38:40 +02:00

..

core.c

NFC: Cache the core NFC active target pointer instead of its index

2012-05-15 17:27:59 -04:00

data.c

NFC: Quiet nci/data.c sparse noise about plain integer as NULL pointer

2012-05-15 17:30:29 -04:00

Kconfig

NFC: basic NCI protocol implementation

2011-09-20 14:43:49 -04:00

lib.c

NFC: Include nci_core.h to nci/lib.c

2012-05-15 17:30:29 -04:00

Makefile

NFC: basic NCI protocol implementation

2011-09-20 14:43:49 -04:00

ntf.c

NFC: Prevent multiple buffer overflows in NCI

2012-06-25 16:38:40 +02:00

rsp.c

NFC: NCI code identation fixes

2012-03-06 15:16:25 -05:00