From 612d025fdfdb09e280931bd6506b259b2201403b Mon Sep 17 00:00:00 2001 From: Hariharan Basuthkar Date: Tue, 5 Sep 2023 16:19:16 +0530 Subject: [PATCH] qcacmn: Modify reg_get_subchannels_for_opclass to fix a compilation issue When WLAN_FEATURE_11BE flag is disabled, if opclass is 137, the API reg_get_subchannels_for_opclass chooses the nchans as 16. But the maximum size of the subchannels buffer is 8. This leads to an array out of bound access issue. To fix this issue, modularize reg_get_subchannels_for_opclass by adding a new subfunction reg_get_nsubchaneels_for_opclass to get the nchans. The maximum nchans returned by reg_get_nsubchanels_for_opclass is 8, if WLAN_FEATURE_11BE is disabled. Change-Id: I50095768e4a232fa83f1bc69690f64a745eecb05 CRs-Fixed: 3607354 --- .../regulatory/core/src/reg_build_chan_list.c | 58 +++++++++++-------- 1 file changed, 35 insertions(+), 23 deletions(-) diff --git a/umac/regulatory/core/src/reg_build_chan_list.c b/umac/regulatory/core/src/reg_build_chan_list.c index c3ad242644..bf5d7308c1 100644 --- a/umac/regulatory/core/src/reg_build_chan_list.c +++ b/umac/regulatory/core/src/reg_build_chan_list.c @@ -5089,6 +5089,40 @@ reg_fill_subchan_centers(uint8_t nchans, uint8_t cfi, uint8_t *subchannels) } } +struct opclass_nchans_pair { + uint8_t opclass; + uint8_t nchans; +}; + +static const struct opclass_nchans_pair opclass_nchans_map[] = { + {131, 1}, + {136, 1}, + {132, 2}, + {133, 4}, + {134, 8}, +#ifdef WLAN_FEATURE_11BE + {137, 16}, +#endif +}; + +/** + * reg_get_nsubchaneels_for_opclass() - Get the number of subchannels based on + * the operating class. + * @opclass: Operating class + * + * Return: Number of subchannels + */ +static uint8_t reg_get_nsubchaneels_for_opclass(uint8_t opclass) +{ + uint8_t i, n_opclasses = QDF_ARRAY_SIZE(opclass_nchans_map); + + for (i = 0; i < n_opclasses; i++) + if (opclass == opclass_nchans_map[i].opclass) + return opclass_nchans_map[i].nchans; + + return 0; +} + /** * reg_get_subchannels_for_opclass() - Get the list of subchannels based on the * the channel frequency index and opclass. @@ -5104,29 +5138,7 @@ uint8_t reg_get_subchannels_for_opclass(uint8_t cfi, { uint8_t nchans; - switch (opclass) { - case 131: - case 136: - nchans = 1; - break; - case 132: - nchans = 2; - break; - case 133: - nchans = 4; - break; - case 134: - nchans = 8; - break; - case 137: - nchans = 16; - break; - - default: - nchans = 0; - break; - } - + nchans = reg_get_nsubchaneels_for_opclass(opclass); reg_fill_subchan_centers(nchans, cfi, subchannels); return nchans;