qcacld-3.0: Validate bw in lim parse tpe ie

Currently host driver does not validate bw in lim parse tpe ie
api before it gets next higher bw, there is a possiblity
that this bw becomes invalid and driver ends up with out of bound
access for get higher bw array.

In current scenario when host driver tries to start vdev on
frequency 5640 for country US and executes this API for frequency
5640, at the same time country is changed to CN and this frequency
becomes invalid. so in the execution of this API host driver gets
invalid bw from reg set param and ends up with out of bound access
for get higher bw array.
To address above issue, add a check to validate bw before driver
acceses get higher bw array.

Change-Id: I335057f75f67408275003b3fd7830c740eead301
CRs-Fixed: 3239465

core/mac/src/pe/lim/lim_process_sme_req_messages.c

@@ -5103,7 +5103,8 @@ void lim_parse_tpe_ie(struct mac_context *mac, struct pe_session *session,
 
 		ch_params.ch_width = CH_WIDTH_20MHZ;
 
-		for (i = 0; i < single_tpe.max_tx_pwr_count + 1; i++) {
+		for (i = 0; i < single_tpe.max_tx_pwr_count + 1 &&
+		     (ch_params.ch_width != CH_WIDTH_INVALID); i++) {
 			wlan_reg_set_channel_params_for_freq(mac->pdev,
 							     curr_op_freq, 0,
 							     &ch_params);
@@ -5115,8 +5116,9 @@ void lim_parse_tpe_ie(struct mac_context *mac, struct pe_session *session,
 			vdev_mlme->reg_tpc_obj.frequency[i] =
 							ch_params.mhz_freq_seg0;
 			vdev_mlme->reg_tpc_obj.tpe[i] = single_tpe.tx_power[i];
-			ch_params.ch_width =
-				get_next_higher_bw[ch_params.ch_width];
+			if (ch_params.ch_width != CH_WIDTH_INVALID)
+				ch_params.ch_width =
+					get_next_higher_bw[ch_params.ch_width];
 		}
 	}