Home Explore Help
Sign In
samsung-sm8650
/
android_kernel_samsung_sm8650-modules
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

qcacld-3.0: Sanity check for session_id in roam

For session_id is not have sanity check, an OOB would happen
leads to crash.

Added Sanity checks for session_id in roam functions and
return failure if session_id is equals to NULL or MAX value.

Change-Id: I033c6567f53ead2a721882e9b44f3d0bcb58084d
CRs-Fixed: 3149880
Vinod Kumar Myadam 2 years ago
parent
693e074e9f
commit
70b46d3736
1 changed files with 5 additions and 0 deletions
Split View Show Diff Stats
  1. 5 0
      core/sme/src/csr/csr_util.c

+ 5 - 0
core/sme/src/csr/csr_util.c
View File 

@@ -1185,6 +1185,11 @@ QDF_STATUS csr_set_modify_profile_fields(struct mac_context *mac,
 
 {
 
 	struct csr_roam_session *pSession = CSR_GET_SESSION(mac, sessionId);
 
 
+	if (!pSession) {
 
+		sme_err("Session_id invalid %d", sessionId);
 
+		return QDF_STATUS_E_INVAL;
 
+	}
 
+
 
 	qdf_mem_copy(&pSession->modifyProfileFields,
 
 		     pModifyProfileFields, sizeof(tCsrRoamModifyProfileFields));