
qcacld-3.0: Fix possible NULL pointer dereference

Pointers returned by the wlan_ipa_get_iface API and
the cds_get_context API are not NULL-checked in a few
places. Add NULL checks for these pointers to avoid
a possible NULL pointer dereference.

Change-Id: I44f226c2ce97afd6ad2ff9cde5cd70d9d12bc3d2
CRs-Fixed: 2775197
Yeshwanth Sriram Guntuka 4 years ago
commit
843e288336
2 changed files with 11 additions and 7 deletions
  1. 3 4
      components/ipa/core/src/wlan_ipa_stats.c
  2. 8 3
      core/dp/txrx/ol_txrx_ipa.c

+ 3 - 4
components/ipa/core/src/wlan_ipa_stats.c

@@ -965,7 +965,6 @@ QDF_STATUS wlan_ipa_uc_op_metering(struct wlan_ipa_priv *ipa_ctx,
 	struct ipa_uc_quota_rsp *uc_quota_rsp;
 	struct ipa_uc_quota_ind *uc_quota_ind;
 	struct wlan_ipa_iface_context *iface_ctx;
-	uint32_t ifindex;
 	uint64_t quota_bytes;
 
 	if (msg->op_code == WLAN_IPA_UC_OPCODE_SHARING_STATS) {
@@ -996,11 +995,11 @@ QDF_STATUS wlan_ipa_uc_op_metering(struct wlan_ipa_priv *ipa_ctx,
 
 		/* send quota exceeded indication to IPA */
 		iface_ctx = wlan_ipa_get_iface(ipa_ctx, QDF_STA_MODE);
-		ifindex = iface_ctx->dev->ifindex;
 		quota_bytes = uc_quota_ind->quota_bytes;
 		if (iface_ctx)
-			qdf_ipa_broadcast_wdi_quota_reach_ind(ifindex,
-							      quota_bytes);
+			qdf_ipa_broadcast_wdi_quota_reach_ind(
+							iface_ctx->dev->ifindex,
+							quota_bytes);
 		else
 			ipa_err("Failed quota_reach_ind: NULL interface");
 	} else {
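Review bot: `iface_ctx->dev` is still dereferenced without a check in the new call argument `iface_ctx->dev->ifindex`. The commit guards `iface_ctx` itself, but nothing in these hunks shows that `wlan_ipa_get_iface` only returns contexts whose `dev` is non-NULL. If that is not guaranteed, extend the guard to `if (iface_ctx && iface_ctx->dev)` so the quota indication falls through to the existing `ipa_err` path instead of faulting. wlan_ipa_uc_op_metering starts and ends outside these hunks, so an earlier validation may exist that is not visible here.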

+ 8 - 3
core/dp/txrx/ol_txrx_ipa.c

@@ -721,14 +721,19 @@ QDF_STATUS ol_txrx_ipa_cleanup(struct cdp_soc_t *soc_hdl, uint8_t pdev_id,
 	struct ol_txrx_ipa_resources *ipa_res;
 	struct ol_txrx_soc_t *soc = cds_get_context(QDF_MODULE_ID_SOC);
 	qdf_device_t osdev = cds_get_context(QDF_MODULE_ID_QDF_DEVICE);
-	ol_txrx_pdev_handle pdev =
-		ol_txrx_get_pdev_from_pdev_id(soc, OL_TXRX_PDEV_ID);
+	ol_txrx_pdev_handle pdev;
 
-	if (!pdev || !osdev) {
+	if (!soc || !osdev) {
 		ol_txrx_err("%s invalid instance", __func__);
 		return QDF_STATUS_E_FAILURE;
 	}
 
+	pdev = ol_txrx_get_pdev_from_pdev_id(soc, OL_TXRX_PDEV_ID);
+	if (!pdev) {
+		ol_txrx_err("%s NULL pdev invalid instance", __func__);
+		return QDF_STATUS_E_FAILURE;
+	}
+
 	ipa_res = &pdev->ipa_resource;
 	if (osdev->smmu_s1_enabled) {
 		ret = pld_smmu_unmap(osdev->dev,
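Review bot: The first guard in ol_txrx_ipa_cleanup now covers both `soc` and `osdev`, but its message `"%s invalid instance"` does not say which lookup failed, so a NULL `cds_get_context` result is hard to triage from logs. Consider `ol_txrx_err("%s invalid instance soc %pK osdev %pK", __func__, soc, osdev);` and shortening the second message to `"%s NULL pdev"`. Both early returns also skip the `pld_smmu_unmap` path that follows, so a comment above the guards noting that QDF_STATUS_E_FAILURE here means the IPA resources were not released would help callers. The function body begins before and continues past this hunk.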