
qcacld-3.0: Possible NULL pointer dereference in target_if_disa

Currently, the return value of the get_wmi_unified_hdl_from_psoc() API
is passed directly as an argument to some functions without being
checked for NULL, which may cause a NULL pointer dereference.

To address this issue, add NULL checks for the return value of the
get_wmi_unified_hdl_from_psoc() API wherever it is used.

Change-Id: Ieb4ff997960aac915b4dc40cb0d17070240d9b1f
CRs-Fixed: 2316854
Dundi Raviteja há 6 anos atrás
pai
commit
8f307b02bc
1 ficheiros alterados com 34 adições e 8 exclusões
  1. 34 8
      components/target_if/disa/src/target_if_disa.c

+ 34 - 8
components/target_if/disa/src/target_if_disa.c

@@ -33,6 +33,7 @@ target_if_encrypt_decrypt_event_handler(ol_scn_t scn_handle, uint8_t *data,
 {
 	struct disa_encrypt_decrypt_resp_params resp;
 	struct wlan_objmgr_psoc *psoc;
+	wmi_unified_t wmi_handle;
 
 	if (data == NULL) {
 		target_if_err("%s: invalid pointer", __func__);
@@ -45,9 +46,14 @@ target_if_encrypt_decrypt_event_handler(ol_scn_t scn_handle, uint8_t *data,
 		return -EINVAL;
 	}
 
-	if (wmi_extract_encrypt_decrypt_resp_params(
-				get_wmi_unified_hdl_from_psoc(psoc),
-				data, &resp) != QDF_STATUS_SUCCESS) {
+	wmi_handle = get_wmi_unified_hdl_from_psoc(psoc);
+	if (!wmi_handle) {
+		target_if_err("Invalid wmi handle");
+		return -EINVAL;
+	}
+
+	if (wmi_extract_encrypt_decrypt_resp_params(wmi_handle, data, &resp) !=
+						    QDF_STATUS_SUCCESS) {
 		target_if_err("Extraction of encrypt decrypt resp params failed");
 		return -EINVAL;
 	}
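Review bot: The new `target_if_err("Invalid wmi handle")` in target_if_encrypt_decrypt_event_handler is worded identically in the three later hunks (register, unregister and encrypt_decrypt_req), while the `data` check earlier in this same function logs `"%s: invalid pointer", __func__`. Unless target_if_err already prefixes the calling function, which is not visible on this page, a log line will not say which path found the handle missing. Consider `target_if_err("%s: invalid wmi handle", __func__);` at all four sites so a missing handle during init or teardown can be traced to its caller. The handler's body starts before and continues past this hunk.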
@@ -61,8 +67,15 @@ QDF_STATUS
 target_if_disa_register_ev_handlers(struct wlan_objmgr_psoc *psoc)
 {
 	QDF_STATUS status;
+	wmi_unified_t wmi_handle;
+
+	wmi_handle = get_wmi_unified_hdl_from_psoc(psoc);
+	if (!wmi_handle) {
+		target_if_err("Invalid wmi handle");
+		return QDF_STATUS_E_INVAL;
+	}
 
-	status = wmi_unified_register_event(get_wmi_unified_hdl_from_psoc(psoc),
+	status = wmi_unified_register_event(wmi_handle,
 				wmi_vdev_encrypt_decrypt_data_rsp_event_id,
 				target_if_encrypt_decrypt_event_handler);
 	if (status) {
@@ -77,9 +90,15 @@ QDF_STATUS
 target_if_disa_unregister_ev_handlers(struct wlan_objmgr_psoc *psoc)
 {
 	QDF_STATUS status;
+	wmi_unified_t wmi_handle;
 
-	status = wmi_unified_unregister_event(
-				get_wmi_unified_hdl_from_psoc(psoc),
+	wmi_handle = get_wmi_unified_hdl_from_psoc(psoc);
+	if (!wmi_handle) {
+		target_if_err("Invalid wmi handle");
+		return QDF_STATUS_E_INVAL;
+	}
+
+	status = wmi_unified_unregister_event(wmi_handle,
 				wmi_vdev_encrypt_decrypt_data_rsp_event_id);
 	if (status) {
 		target_if_err("Failed to unregister Scan match event cb");
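Review bot: The failure message on the last line of this hunk, `"Failed to unregister Scan match event cb"`, names a scan event although the call above it unregisters `wmi_vdev_encrypt_decrypt_data_rsp_event_id`, so it looks copied from another module and will mislead anyone reading the log. Since the commit already reworks this function's error paths, change it to `target_if_err("Failed to unregister encrypt decrypt resp event cb");`. It is also worth confirming that callers on the teardown path tolerate the new early `QDF_STATUS_E_INVAL` return and do not skip later cleanup because of it; those callers are not shown here. The function body continues outside the hunk.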
@@ -93,8 +112,15 @@ QDF_STATUS
 target_if_disa_encrypt_decrypt_req(struct wlan_objmgr_psoc *psoc,
 		struct disa_encrypt_decrypt_req_params *req)
 {
-	return wmi_unified_encrypt_decrypt_send_cmd(
-			get_wmi_unified_hdl_from_psoc(psoc), req);
+	wmi_unified_t wmi_handle;
+
+	wmi_handle = get_wmi_unified_hdl_from_psoc(psoc);
+	if (!wmi_handle) {
+		target_if_err("Invalid wmi handle");
+		return QDF_STATUS_E_INVAL;
+	}
+
+	return wmi_unified_encrypt_decrypt_send_cmd(wmi_handle, req);
 }
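Review bot: `req` is still forwarded to wmi_unified_encrypt_decrypt_send_cmd() unchecked in target_if_disa_encrypt_decrypt_req, so the commit closes the NULL-handle path but leaves the second pointer argument relying on the callers or the callee, neither of which is visible here. If neither validates it, add `if (!req) { target_if_err("Invalid request params"); return QDF_STATUS_E_INVAL; }` before the handle lookup. Otherwise a one-line comment above the function stating who is responsible for validating `psoc` and `req` would let the next reader see that the omission is intentional.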