qcacld-3.0: Fix OOB access in sme_ese_send_beacon_req_scan_results

After receiving the scan results per channel,
sme_ese_send_beacon_req_scan_results prepares beacon report
response info for each BSS in cur_result list. While parsing the
cur_result list, the driver blindly checks bss_counter against
SIR_BCN_REPORT_MAX_BSS_DESC(4) to reach max/last BSS in cur_result
list; this results in an out of bound error. Bound check for bss_counter
should be against the number of bss found in scan results per
channel to avoid OOB issue.

Validate the value of bss_counter against the number of bss found
in scan results.

Change-Id: I70152c4f62c6fcff755f13f3851c9683bdc2231c
CRs-Fixed: 2387198
Abhinav Kumar 6 years ago
Parent
Commit
1d6c0f7f7c
1 changed file with 1 addition and 2 deletions
+ 1 - 2
core/sme/src/rrm/sme_rrm.c

@@ -363,8 +363,7 @@ static QDF_STATUS sme_ese_send_beacon_req_scan_results(
 		}
 
 		bss_counter += j;
-		if (!result_arr || !cur_result
-		|| (bss_counter >= SIR_BCN_REPORT_MAX_BSS_DESC)) {
+		if (!result_arr || !cur_result || (bss_counter >= bss_count)) {
 			cur_result = NULL;
 			sme_err("Reached to the max/last BSS in cur_result list");
 		} else {
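
Review bot: the new condition `(bss_counter >= bss_count)` drops the `SIR_BCN_REPORT_MAX_BSS_DESC` cap entirely, and nothing in this hunk shows that `bss_count` is itself limited to that maximum. If any buffer filled later in this loop is sized by `SIR_BCN_REPORT_MAX_BSS_DESC`, a scan that returns more BSS entries than that would now pass this check. Either keep both bounds in the condition (`bss_counter >= bss_count || bss_counter >= SIR_BCN_REPORT_MAX_BSS_DESC`) or point to where `bss_count` is clamped before the loop. A smaller point on the unchanged line below the condition: reaching the last BSS is now the normal way out of the loop, so `sme_err` is a loud level for it and a debug-level log would fit better.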