From: Vasanthakumar Thiagarajan Date: Tue, 10 Apr 2012 08:05:47 +0000 (+0530) Subject: ath6kl: Fix possible unaligned memory access in ath6kl_get_rsn_capab() X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=798985c688722479191f6d6f4e5ab1a473904f0a;p=GitHub%2FLineageOS%2Fandroid_kernel_samsung_universal7580.git ath6kl: Fix possible unaligned memory access in ath6kl_get_rsn_capab() alignment is not taken care in accessing pairwise cipher and AKM suite count which are parsed from rsn ie. Fix this alignment issue. Reported-by: Joe Perches Signed-off-by: Vasanthakumar Thiagarajan Signed-off-by: Kalle Valo --- diff --git a/drivers/net/wireless/ath/ath6kl/cfg80211.c b/drivers/net/wireless/ath/ath6kl/cfg80211.c index 6ea5ae54c16..6b6bf938fee 100644 --- a/drivers/net/wireless/ath/ath6kl/cfg80211.c +++ b/drivers/net/wireless/ath/ath6kl/cfg80211.c @@ -2591,14 +2591,14 @@ static int ath6kl_get_rsn_capab(struct cfg80211_beacon_data *beacon, /* skip pairwise cipher suite */ if (rsn_ie_len < 2) return -EINVAL; - cnt = *((u16 *) rsn_ie); + cnt = get_unaligned_le16(rsn_ie); rsn_ie += (2 + cnt * 4); rsn_ie_len -= (2 + cnt * 4); /* skip akm suite */ if (rsn_ie_len < 2) return -EINVAL; - cnt = *((u16 *) rsn_ie); + cnt = get_unaligned_le16(rsn_ie); rsn_ie += (2 + cnt * 4); rsn_ie_len -= (2 + cnt * 4);