samsung-sm8650/android_kernel_samsung_sm8650-modules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

qcacld-3.0: Fix pointer dereference condition

Browse Source 
In the API lim_perform_ft_pre_auth, the driver sends
a auth frame to a peer whose MAC address is extracted
from the session entry, and it may happen that the
pointer tpftPEContext is NULL, which results in
pointer dereference.

Fix is to send an auth frame only if the sFTPEContext
is valid.

Change-Id: I5544739a0b438efcc0216bbccdcff113946b330b
CRs-Fixed: 2259250
This commit is contained in:
gaurank kathpalia
2018-06-26 15:32:17 +05:30
committed by nshrivas
parent 7a8824e49f
commit 65086f32e4
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
core/mac/src/pe/lim/lim_ft_preauth.c
View File

@@ -292,10 +292,10 @@ void lim_perform_ft_pre_auth(tpAniSirGlobal pMac, QDF_STATUS status,
lim_diag_event_report(pMac, WLAN_PE_DIAG_ROAM_AUTH_START_EVENT, lim_diag_event_report(pMac, WLAN_PE_DIAG_ROAM_AUTH_START_EVENT,
pMac->lim.pSessionEntry, QDF_STATUS_SUCCESS, QDF_STATUS_SUCCESS); pMac->lim.pSessionEntry, QDF_STATUS_SUCCESS, QDF_STATUS_SUCCESS);
#endif #endif
if (psessionEntry->ftPEContext.pFTPreAuthReq)
lim_send_auth_mgmt_frame(pMac, &authFrame, lim_send_auth_mgmt_frame(pMac, &authFrame,
psessionEntry->ftPEContext.pFTPreAuthReq->preAuthbssId, psessionEntry->ftPEContext.pFTPreAuthReq->preAuthbssId,
LIM_NO_WEP_IN_FC, psessionEntry); LIM_NO_WEP_IN_FC, psessionEntry);
return; return;