Home Explore Help
Sign In
samsung-sm8650
/
android_kernel_samsung_sm8650-modules
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

qcacmn: Fix the possible OOB access in channel avoid event

Fix the possible out of bound access while processing the
channel avoid frequency event from FW.

Change-Id: Ib49df0ebd785944b7cbbfa5927613887dd35d9ff
CRs-Fixed: 2308629
Kiran Kumar Lokere 6 years ago
parent
16e7479fa6
commit
1ea0e2a6ae
1 changed files with 4 additions and 0 deletions
Split View Show Diff Stats
  1. 4 0
      wmi/src/wmi_unified_tlv.c

+ 4 - 0
wmi/src/wmi_unified_tlv.c
View File 

@@ -20915,6 +20915,10 @@ static QDF_STATUS extract_reg_ch_avoid_event_tlv(
 
 		WMI_LOGE("Invalid channel avoid indication buffer");
 
 		return QDF_STATUS_E_INVAL;
 
 	}
 
+	if (param_buf->num_avd_freq_range < afr_fixed_param->num_freq_ranges) {
 
+		WMI_LOGE(FL("no.of freq ranges exceeded the limit"));
 
+		return QDF_STATUS_E_INVAL;
 
+	}
 
 	num_freq_ranges = (afr_fixed_param->num_freq_ranges >
 
 			CH_AVOID_MAX_RANGE) ? CH_AVOID_MAX_RANGE :
 
 			afr_fixed_param->num_freq_ranges;