|
|
@@ -1259,7 +1259,7 @@ int wma_nan_rsp_event_handler(void *handle, uint8_t *event_buf,
|
|
|
alloc_len = sizeof(tSirNanEvent);
|
|
|
alloc_len += nan_rsp_event_hdr->data_len;
|
|
|
if (nan_rsp_event_hdr->data_len > ((WMI_SVC_MSG_MAX_SIZE -
|
|
|
- sizeof(*nan_rsp_event_hdr)) / sizeof(uint8_t)) ||
|
|
|
+ WMI_TLV_HDR_SIZE - sizeof(*nan_rsp_event_hdr)) / sizeof(uint8_t)) ||
|
|
|
nan_rsp_event_hdr->data_len > param_buf->num_data) {
|
|
|
WMA_LOGE("excess data length:%d, num_data:%d",
|
|
|
nan_rsp_event_hdr->data_len, param_buf->num_data);
|
Yeshwanth Sriram Guntuka