samsung-sm8650/android_kernel_samsung_sm8650-modules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

qcacmn: Fix the possible OOB access in channel avoid event

Browse Source 
Fix the possible out of bound access while processing the
channel avoid frequency event from FW.

Change-Id: Ib49df0ebd785944b7cbbfa5927613887dd35d9ff
CRs-Fixed: 2308629
This commit is contained in:
Kiran Kumar Lokere
2018-09-19 16:55:34 -07:00
committed by nshrivas
parent 4efe1fa42d
commit 7d3120478e
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
wmi_unified_tlv.c
View File

@@ -20915,6 +20915,10 @@ static QDF_STATUS extract_reg_ch_avoid_event_tlv(
WMI_LOGE("Invalid channel avoid indication buffer"); WMI_LOGE("Invalid channel avoid indication buffer");
return QDF_STATUS_E_INVAL; return QDF_STATUS_E_INVAL;
} }
if (param_buf->num_avd_freq_range < afr_fixed_param->num_freq_ranges) {
WMI_LOGE(FL("no.of freq ranges exceeded the limit"));
return QDF_STATUS_E_INVAL;
}
num_freq_ranges = (afr_fixed_param->num_freq_ranges > num_freq_ranges = (afr_fixed_param->num_freq_ranges >
CH_AVOID_MAX_RANGE) ? CH_AVOID_MAX_RANGE : CH_AVOID_MAX_RANGE) ? CH_AVOID_MAX_RANGE :
afr_fixed_param->num_freq_ranges; afr_fixed_param->num_freq_ranges;