|
@@ -2831,7 +2831,9 @@ hdd_association_completion_handler(struct hdd_adapter *adapter,
|
|
|
(u8 *) (roam_info->pbFrames +
|
|
|
roam_info->nBeaconLength +
|
|
|
roam_info->nAssocReqLength);
|
|
|
- if (assoc_rsp) {
|
|
|
+ if (assoc_rsp &&
|
|
|
+ roam_info->nAssocRspLength >
|
|
|
+ ASSOC_RSP_IES_OFFSET) {
|
|
|
/*
|
|
|
* assoc_rsp needs to point to the IEs
|
|
|
*/
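Review bot: The `assoc_rsp` pointer test kept in this condition cannot detect a missing frame buffer, because `assoc_rsp` is `roam_info->pbFrames` plus two lengths and is non-NULL whenever either length is non-zero. The same applies to the `assoc_req` and `assoc_rsp` tests in the hunks at -3169 and -3188. If `pbFrames` is not validated earlier in the function (outside these hunks), test it directly: `if (roam_info->pbFrames && roam_info->nAssocRspLength > ASSOC_RSP_IES_OFFSET) {`. The added comparison only bounds the response length against the fixed-field offset. Nothing visible checks that `nBeaconLength + nAssocReqLength + nAssocRspLength` stays within the buffer behind `pbFrames`, so confirm that where the lengths are filled in. A short comment such as `/* skip IE parsing when the frame is shorter than its fixed fields */` would record why the length is compared.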
|
|
@@ -2850,7 +2852,9 @@ hdd_association_completion_handler(struct hdd_adapter *adapter,
|
|
|
assoc_req = (u8 *) (roam_info->pbFrames +
|
|
|
roam_info->nBeaconLength);
|
|
|
if (assoc_req) {
|
|
|
- if (!ft_carrier_on) {
|
|
|
+ if (!ft_carrier_on &&
|
|
|
+ roam_info->nAssocReqLength >
|
|
|
+ ASSOC_REQ_IES_OFFSET) {
|
|
|
/*
|
|
|
* assoc_req needs to point to
|
|
|
* the IEs
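Review bot: Joining the length test to `!ft_carrier_on` makes a too-short association request indistinguishable from the carrier-on case. If this `if` has an `else` (the body continues outside the hunk), that branch now also runs when `nAssocReqLength <= ASSOC_REQ_IES_OFFSET` and `ft_carrier_on` is false. The other three hunks attach the length test to the pointer check instead, so this one is inconsistent with them. If the shared path is not intended, keep `if (!ft_carrier_on) {` unchanged and nest `if (roam_info->nAssocReqLength > ASSOC_REQ_IES_OFFSET) {` inside it, with the short-frame case leaving the request IE length at zero.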
|
|
@@ -3169,7 +3173,9 @@ hdd_association_completion_handler(struct hdd_adapter *adapter,
|
|
|
/* Association Request */
|
|
|
assoc_req = (u8 *)(roam_info->pbFrames +
|
|
|
roam_info->nBeaconLength);
|
|
|
- if (assoc_req) {
|
|
|
+ if (assoc_req &&
|
|
|
+ roam_info->nAssocReqLength >
|
|
|
+ ASSOC_REQ_IES_OFFSET) {
|
|
|
/*
|
|
|
* assoc_req needs to point to
|
|
|
* the IEs
|
|
@@ -3188,7 +3194,9 @@ hdd_association_completion_handler(struct hdd_adapter *adapter,
|
|
|
(u8 *)(roam_info->pbFrames +
|
|
|
roam_info->nBeaconLength +
|
|
|
roam_info->nAssocReqLength);
|
|
|
- if (assoc_rsp) {
|
|
|
+ if (assoc_rsp &&
|
|
|
+ roam_info->nAssocRspLength >
|
|
|
+ ASSOC_RSP_IES_OFFSET) {
|
|
|
/*
|
|
|
* assoc_rsp needs to point to
|
|
|
* the IEs
|