
qcacmn: Fix field-spanning kernel warning during driver load

Currently, the driver passes a void pointer to wmsg as the source buffer
in the memcpy API to copy the local log_msg to the nlmsg data buffer
in send_filled_buffers_to_user(). This leads to a kernel warning
as the kernel is unable to calculate the size of the variable-length
source buffer.

To fix this issue, pass the data buffer of nlmsg in the memcpy API
so that the kernel is able to calculate the size of the source buffer
and check for buffer overflow before the copy.

Change-Id: Ief089f4a834aa89a0be75fcf201ad56ca9cba7d8
CRs-Fixed: 3749520
Surabhi Vishnoi 1 year ago
parent
commit
5d71abe754
1 changed file with 3 additions and 7 deletions

+ 3 - 7
utils/logging/src/wlan_logging_sock_svc.c

@@ -683,7 +683,6 @@ static int send_filled_buffers_to_user(void)
 	static int nlmsg_seq;
 	unsigned long flags;
 	static int rate_limit;
-	void *out;
 
 	while (!list_empty(&gwlan_logging.filled_list)
 	       && !gwlan_logging.exit) {
@@ -730,12 +729,9 @@ static int send_filled_buffers_to_user(void)
 
 		wnl = (tAniNlHdr *) nlh;
 		wnl->radio = plog_msg->radio;
-		/* kernel FORTIFY_SOURCE may warn when multiple struct
-		 * are copied using memcpy. So, to avoid, assign a
-		 * void pointer to the struct and copy using memcpy
-		 */
-		out = &wnl->wmsg;
-		memcpy(out, plog_msg->logbuf,
+
+		/* Offset of data buffer from nlmsg_hdr + sizeof(int) radio */
+		memcpy(nlmsg_data(nlh) + sizeof(wnl->radio), plog_msg->logbuf,
 		       plog_msg->filled_length + sizeof(tAniHdr));
 
 		spin_lock_irqsave(&gwlan_logging.spin_lock, flags);
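
Review bot: The new memcpy destination, `nlmsg_data(nlh) + sizeof(wnl->radio)`, hardcodes the layout of tAniNlHdr instead of naming the field, so it is only correct while `radio` sits at the start of the netlink payload and `wmsg` follows it with no padding. Deriving the destination from the struct itself, for example `(u8 *)wnl + offsetof(tAniNlHdr, wmsg)`, or adding a BUILD_BUG_ON that ties the two offsets together, would keep the copy correct if the header layout ever changes. Separately, nlmsg_data() returns a `void *`, so the fortified memcpy has no field size to compare against: the warning goes away, but nothing in the lines shown checks that `plog_msg->filled_length + sizeof(tAniHdr)` fits in the space reserved in the message. If no such check exists earlier in the function, an explicit length check before the copy is worth adding. The expression also relies on arithmetic on `void *`, which is a GNU C extension, and the new comment says `sizeof(int)` while the code uses `sizeof(wnl->radio)`; the comment should name the field so the two cannot drift apart.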