qcacld-3.0: Fix out of bound write in mcs_set

The driver fills the mcs set array in
hdd_update_tgt_ht_cap for all rf chains
and does not have a upper boundary check to
cfg->num_rf_chains, which could lead
to out of bound write a valid value
to a memory which not allocated to mcs set

Fix is to have a check to cfg->num_rf_chains

Change-Id: Ibeb5e783e2369ebee1bbf3fc724d06736c174c69
CRs-Fixed: 2221902

core/hdd/src/wlan_hdd_main.c

@@ -1417,7 +1417,8 @@ static void hdd_update_tgt_ht_cap(struct hdd_context *hdd_ctx,
 	if (sme_cfg_get_str(hdd_ctx->hHal, WNI_CFG_SUPPORTED_MCS_SET, mcs_set,
 			    &value) == QDF_STATUS_SUCCESS) {
 		hdd_debug("Read MCS rate set");
-
+		if (cfg->num_rf_chains > SIZE_OF_SUPPORTED_MCS_SET)
+			cfg->num_rf_chains = SIZE_OF_SUPPORTED_MCS_SET;
 		if (pconfig->enable2x2) {
 			for (value = 0; value < cfg->num_rf_chains; value++)
 				mcs_set[value] =