staging: r8188eu: overflow in rtw_p2p_get_go_device_address()
authorDan Carpenter <dan.carpenter@oracle.com>
Mon, 3 Feb 2014 22:38:35 +0000 (01:38 +0300)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Fri, 7 Feb 2014 19:10:08 +0000 (11:10 -0800)
commite6ff3f4e6d258021fe041d7acf5d013c26bf387b
tree875c3aec92b193722c89cf0494956b947bc159cb
parent893134b084e137b92476ec11ce90790b5f568bb9
staging: r8188eu: overflow in rtw_p2p_get_go_device_address()

The go_devadd_str[] array is two characters too small to hold the
address so we corrupt memory.

I've changed the user space API slightly and I don't have a way to test
if this breaks anything.  In the original code we truncated away the
last digit of the address and the NUL terminator so it was already a bit
broken.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Larry Finger <Larry.Finger@lwfinger.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
drivers/staging/rtl8188eu/os_dep/ioctl_linux.c