|
|
@@ -19211,6 +19211,15 @@ extract_roam_scan_stats_tlv(wmi_unified_t wmi_handle, void *evt_buf,
|
|
|
dst->num_chan = MAX_ROAM_SCAN_CHAN;
|
|
|
|
|
|
src_chan = ¶m_buf->roam_scan_chan_info[chan_idx];
|
|
|
+
|
|
|
+ if ((dst->num_chan + chan_idx) >
|
|
|
+ param_buf->num_roam_scan_chan_info) {
|
|
|
+ wmi_err("Invalid TLV. num_chan %d chan_idx %d num_roam_scan_chan_info %d",
|
|
|
+ dst->num_chan, chan_idx,
|
|
|
+ param_buf->num_roam_scan_chan_info);
|
|
|
+ return QDF_STATUS_SUCCESS;
|
|
|
+ }
|
|
|
+
|
|
|
for (i = 0; i < dst->num_chan; i++) {
|
|
|
dst->chan_freq[i] = src_chan->channel;
|
|
|
dst->dwell_type[i] =
|
|
|
@@ -19330,6 +19339,14 @@ extract_roam_11kv_stats_tlv(wmi_unified_t wmi_handle, void *evt_buf,
|
|
|
if (dst->num_freq > MAX_ROAM_SCAN_CHAN)
|
|
|
dst->num_freq = MAX_ROAM_SCAN_CHAN;
|
|
|
|
|
|
+ if ((dst->num_freq + rpt_idx) >
|
|
|
+ param_buf->num_roam_neighbor_report_chan_info) {
|
|
|
+ wmi_err("Invalid TLV. num_freq %d rpt_idx %d num_roam_neighbor_report_chan_info %d",
|
|
|
+ dst->num_freq, rpt_idx,
|
|
|
+ param_buf->num_roam_scan_chan_info);
|
|
|
+ return QDF_STATUS_SUCCESS;
|
|
|
+ }
|
|
|
+
|
|
|
for (i = 0; i < dst->num_freq; i++) {
|
|
|
dst->freq[i] = src_freq->channel;
|
|
|
src_freq++;
|
Vinod Kumar Myadam