From 01c751d3fd36b6bd1fd18486756ae22bd364924c Mon Sep 17 00:00:00 2001
From: Jianmin Zhu <quic_jianminz@quicinc.com>
Date: Fri, 22 Sep 2023 14:36:59 +0800
Subject: [PATCH] qcacmn: Avoid NULL pointer deference

Validate sta_ctx->copied_conn_req before use to avoid NULL pointer
deference.

Change-Id: I0d46901f7709b1b6bcf63a7ca5178fb7ad90b33d
CRs-Fixed: 3621066
---
 umac/mlo_mgr/src/wlan_mlo_mgr_sta.c | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/umac/mlo_mgr/src/wlan_mlo_mgr_sta.c b/umac/mlo_mgr/src/wlan_mlo_mgr_sta.c
index e4bcd8a503..16890b88bc 100644
--- a/umac/mlo_mgr/src/wlan_mlo_mgr_sta.c
+++ b/umac/mlo_mgr/src/wlan_mlo_mgr_sta.c
@@ -818,8 +818,11 @@ mlo_prepare_and_send_connect(struct wlan_objmgr_vdev *vdev,
 		  QDF_MAC_ADDR_REF(link_info.link_addr.bytes),
 		  wlan_vdev_get_id(vdev));
 
-	qdf_mem_copy(&req, sta_ctx->copied_conn_req,
-		     sizeof(struct wlan_cm_connect_req));
+	if (sta_ctx->copied_conn_req)
+		qdf_mem_copy(&req, sta_ctx->copied_conn_req,
+			     sizeof(struct wlan_cm_connect_req));
+	else
+		mlo_err("Invalid copied_conn_req");
 
 	mlo_update_connect_req_chan_info(&req);
 
@@ -834,7 +837,9 @@ mlo_prepare_and_send_connect(struct wlan_objmgr_vdev *vdev,
 	req.ssid.length = ssid.length;
 	qdf_mem_copy(&req.ssid.ssid, &ssid.ssid, ssid.length);
 
-	mlo_allocate_and_copy_ies(&req, sta_ctx->copied_conn_req);
+	if (sta_ctx->copied_conn_req)
+		mlo_allocate_and_copy_ies(&req, sta_ctx->copied_conn_req);
+
 	if (!req.assoc_ie.ptr)
 		mlo_err("Failed to allocate assoc IEs");