qcacmn: Fix issues reported by static analysis tool

Add changes to fix issues:
1. Array out of bound access
2. Arithmatic expression overrun

Change-Id: Idf9bdea33422015e0310e57d005f7d6941f8151e
CRs-Fixed: 3298301

dp/wifi3.0/dp_rx.c

@@ -2406,6 +2406,16 @@ dp_peer_update_rx_pkt_per_lmac(struct dp_txrx_peer *txrx_peer,
 {
 	uint8_t lmac_id = qdf_nbuf_get_lmac_id(nbuf);
 
+	if (qdf_unlikely(lmac_id >= CDP_MAX_LMACS)) {
+		dp_err_rl("Invalid lmac_id: %u vdev_id: %u",
+			  lmac_id, QDF_NBUF_CB_RX_VDEV_ID(nbuf));
+
+		if (qdf_likely(txrx_peer))
+			dp_err_rl("peer_id: %u", txrx_peer->peer_id);
+
+		return;
+	}
+
 	/* only count stats per lmac for MLO connection*/
 	DP_PEER_PER_PKT_STATS_INCC_PKT(txrx_peer, rx.rx_lmac[lmac_id], 1,
 				       QDF_NBUF_CB_RX_PKT_LEN(nbuf),

dp/wifi3.0/dp_tx.c

@@ -4751,6 +4751,26 @@ dp_tx_compute_hw_delay_us(struct hal_tx_completion_status *ts,
 	buffer_ts = ts->buffer_timestamp << 10;
 
 	delay = ts->tsf - buffer_ts - delta_tsf;
+
+	if (qdf_unlikely(delay & 0x80000000)) {
+		dp_err_rl("delay = 0x%x (-ve)\n"
+			  "release_src = %d\n"
+			  "ppdu_id = 0x%x\n"
+			  "peer_id = 0x%x\n"
+			  "tid = 0x%x\n"
+			  "release_reason = %d\n"
+			  "tsf = %u (0x%x)\n"
+			  "buffer_timestamp = %u (0x%x)\n"
+			  "delta_tsf = %u (0x%x)\n",
+			  delay, ts->release_src, ts->ppdu_id, ts->peer_id,
+			  ts->tid, ts->status, ts->tsf, ts->tsf,
+			  ts->buffer_timestamp, ts->buffer_timestamp,
+			  delta_tsf, delta_tsf);
+
+		delay = 0;
+		goto end;
+	}
+
 	delay &= 0x1FFFFFFF; /* mask 29 BITS */
 	if (delay > 0x1000000) {
 		dp_info_rl("----------------------\n"
@@ -4768,6 +4788,8 @@ dp_tx_compute_hw_delay_us(struct hal_tx_completion_status *ts,
 		return QDF_STATUS_E_FAILURE;
 	}
 
+
+end:
 	*delay_us = delay;
 
 	return QDF_STATUS_SUCCESS;