diff options
| author | Johannes Berg <johannes.berg@intel.com> | 2014-09-10 15:28:06 -0400 |
|---|---|---|
| committer | Johannes Berg <johannes.berg@intel.com> | 2014-09-11 06:07:34 -0400 |
| commit | 78f686cae0c67a2edd167cbbe2f36017f0fa4b30 (patch) | |
| tree | 7cd313b911ecaeb47289d2825563530a386f3245 /net/wireless | |
| parent | 538c9eb8b3fd33d3a0722b2c04ec4f574eaa6e9f (diff) | |
cfg80211: don't put kek/kck/replay counter on the stack
There's no need to put the values on the stack, just pass a
pointer to the data in the nl80211 message. This reduces stack
usage and avoids potential issues with putting sensitive data
on the stack.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Diffstat (limited to 'net/wireless')
| -rw-r--r-- | net/wireless/nl80211.c | 10 |
1 files changed, 3 insertions, 7 deletions
diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c index e388a9f28895..bebdf3d0ae75 100644 --- a/net/wireless/nl80211.c +++ b/net/wireless/nl80211.c | |||
| @@ -8959,13 +8959,9 @@ static int nl80211_set_rekey_data(struct sk_buff *skb, struct genl_info *info) | |||
| 8959 | if (nla_len(tb[NL80211_REKEY_DATA_KCK]) != NL80211_KCK_LEN) | 8959 | if (nla_len(tb[NL80211_REKEY_DATA_KCK]) != NL80211_KCK_LEN) |
| 8960 | return -ERANGE; | 8960 | return -ERANGE; |
| 8961 | 8961 | ||
| 8962 | memcpy(rekey_data.kek, nla_data(tb[NL80211_REKEY_DATA_KEK]), | 8962 | rekey_data.kek = nla_data(tb[NL80211_REKEY_DATA_KEK]); |
| 8963 | NL80211_KEK_LEN); | 8963 | rekey_data.kck = nla_data(tb[NL80211_REKEY_DATA_KCK]); |
| 8964 | memcpy(rekey_data.kck, nla_data(tb[NL80211_REKEY_DATA_KCK]), | 8964 | rekey_data.replay_ctr = nla_data(tb[NL80211_REKEY_DATA_REPLAY_CTR]); |
| 8965 | NL80211_KCK_LEN); | ||
| 8966 | memcpy(rekey_data.replay_ctr, | ||
| 8967 | nla_data(tb[NL80211_REKEY_DATA_REPLAY_CTR]), | ||
| 8968 | NL80211_REPLAY_CTR_LEN); | ||
| 8969 | 8965 | ||
| 8970 | wdev_lock(wdev); | 8966 | wdev_lock(wdev); |
| 8971 | if (!wdev->current_bss) { | 8967 | if (!wdev->current_bss) { |