From 798985c688722479191f6d6f4e5ab1a473904f0a Mon Sep 17 00:00:00 2001 From: Vasanthakumar Thiagarajan Date: Tue, 10 Apr 2012 13:35:47 +0530 Subject: [PATCH] ath6kl: Fix possible unaligned memory access in ath6kl_get_rsn_capab() alignment is not taken care in accessing pairwise cipher and AKM suite count which are parsed from rsn ie. Fix this alignment issue. Reported-by: Joe Perches Signed-off-by: Vasanthakumar Thiagarajan Signed-off-by: Kalle Valo --- drivers/net/wireless/ath/ath6kl/cfg80211.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/net/wireless/ath/ath6kl/cfg80211.c b/drivers/net/wireless/ath/ath6kl/cfg80211.c index 6ea5ae54c160..6b6bf938feef 100644 --- a/drivers/net/wireless/ath/ath6kl/cfg80211.c +++ b/drivers/net/wireless/ath/ath6kl/cfg80211.c @@ -2591,14 +2591,14 @@ static int ath6kl_get_rsn_capab(struct cfg80211_beacon_data *beacon, /* skip pairwise cipher suite */ if (rsn_ie_len < 2) return -EINVAL; - cnt = *((u16 *) rsn_ie); + cnt = get_unaligned_le16(rsn_ie); rsn_ie += (2 + cnt * 4); rsn_ie_len -= (2 + cnt * 4); /* skip akm suite */ if (rsn_ie_len < 2) return -EINVAL; - cnt = *((u16 *) rsn_ie); + cnt = get_unaligned_le16(rsn_ie); rsn_ie += (2 + cnt * 4); rsn_ie_len -= (2 + cnt * 4); -- 2.20.1