
qcacmn: Fix buffer overflow for ipa_ctx->sys_pipe

ipa_ctx->sys_pipe[] is an array with size WLAN_IPA_MAX_SYSBAM_PIPE (4).
On MDM platforms, WLAN_IPA_MAX_IFACE could be set to 4 in defconfig.
E.g. on sdxpinn/hmt platform, CONFIG_NUM_IPA_IFACE is set to 4.

kiwi_v2_defconfig
CONFIG_NUM_IPA_IFACE := 4

With this, WLAN_IPA_RX_PIPE will be equal to 4, leading to array index
out of bounds buffer overflow.

Fix is to set WLAN_IPA_RX_PIPE to WLAN_IPA_MAX_SYSBAM_PIPE - 1 to point
to last index of ipa_ctx->sys_pipe[].

Change-Id: I4929aec92ed2064c5194ec18ad7b33574ba3c3e7
CRs-Fixed: 3545420
Jia Ding 2 years ago
parent
commit
442d77805c
1 changed files with 1 additions and 1 deletions

ipa/core/inc/wlan_ipa_priv.h

@@ -76,7 +76,7 @@
 #define WLAN_IPA_MAX_STA_COUNT              41
 #endif
 
-#define WLAN_IPA_RX_PIPE                    WLAN_IPA_MAX_IFACE
+#define WLAN_IPA_RX_PIPE                    (WLAN_IPA_MAX_SYSBAM_PIPE - 1)
 #define WLAN_IPA_ENABLE_MASK                BIT(0)
 #define WLAN_IPA_PRE_FILTER_ENABLE_MASK     BIT(1)
 #define WLAN_IPA_IPV6_ENABLE_MASK           BIT(2)
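Review bot: the new definition of WLAN_IPA_RX_PIPE keeps the index inside ipa_ctx->sys_pipe[], but nothing at this line ties WLAN_IPA_MAX_IFACE to the array size, so the relationship that caused the overflow is still unchecked. With CONFIG_NUM_IPA_IFACE set to 4, as in the commit message, WLAN_IPA_MAX_IFACE is 4 and WLAN_IPA_RX_PIPE is now 3; if any other code indexes sys_pipe[] by interface number, interface 3 would share a slot with the RX pipe, and a larger CONFIG_NUM_IPA_IFACE would still index past the end. Please confirm how the remaining slots are used and add a compile-time assertion next to this define that WLAN_IPA_MAX_IFACE does not exceed WLAN_IPA_MAX_SYSBAM_PIPE (or WLAN_IPA_RX_PIPE, if the per-interface slots must stay below it), plus a one-line comment stating that the RX pipe always occupies the last element of sys_pipe[].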