Home Explore Help
Sign In
samsung-sm8650
/
android_kernel_samsung_sm8650-modules
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

qcacld-3.0: Validate 'num_RICDataDesc' to avoid error logs

qcacld-2.0 to qcacld-3.0 propagation

In sir_convert_assoc_resp_frame2_struct(), 'pAssocRsp->ricPresent' is set to
true when 'num_RICDataDesc' is 0, this causes qdf_mem_malloc() to be called
with invalid length 0.

Add change to validate 'num_RICDataDesc' to avoid above issue.

Change-Id: If5e59477efa4df01ca216904645babf769b55c47
CRs-Fixed: 2078891
Sreelakshmi Konamki 7 years ago
parent
513038eee1
commit
0ac62e88ee
1 changed files with 1 additions and 1 deletions
Split View Show Diff Stats
  1. 1 1
      core/mac/src/sys/legacy/src/utils/src/parser_api.c

+ 1 - 1
core/mac/src/sys/legacy/src/utils/src/parser_api.c
View File 

@@ -2874,7 +2874,7 @@ sir_convert_assoc_resp_frame2_struct(tpAniSirGlobal pMac,
 
 			     sizeof(tDot11fIEFTInfo));
 
 	}
 
 
-	if (ar.num_RICDataDesc <= 2) {
 
+	if (ar.num_RICDataDesc && ar.num_RICDataDesc <= 2) {
 
 		for (cnt = 0; cnt < ar.num_RICDataDesc; cnt++) {
 
 			if (ar.RICDataDesc[cnt].present) {
 
 				qdf_mem_copy(&pAssocRsp->RICData[cnt],