qcacmn: OOB while parsing ML per STA profile

Currently, while parsing the per STA profile IE, driver tries to
access the EXTN element ID without checking IE len. When IE len
is zero, if driver tries to access the IE after IE header then it
will leads to out of bound error.

So, to fix this, add check for IE len before accessing it.

Change-Id: I30d3fae9aaedc0011a2d3415e273d5e32db2d56e
CRs-Fixed: 3852338
(cherry picked from commit 608d3ddcb62a49568845eec1724c195741f95005)

umac/mlo_mgr/src/utils_mlo.c

@@ -5080,6 +5080,16 @@ util_parse_pamlie_perstaprofile_stactrl(uint8_t *subelempayload,
 			break;
 		case WLAN_ELEMID_EXTN_ELEM:
 			extn_ie = (struct extn_ie_header *)ie;
+			/**
+			 * Zero IE len means there is no IE contents (EXT ID)
+			 * and so, if IE is dereferenced after IE len then it
+			 * can leads to out of bound error.
+			 * | IE ID | IE len | EXT ID |
+			 */
+			if (!extn_ie->ie_len) {
+				mlo_err_rl("extn element has zero len");
+				return QDF_STATUS_E_PROTO;
+			}
 			switch (extn_ie->ie_extn_id) {
 			case WLAN_EXTN_ELEMID_MUEDCA:
 				if (extn_ie->ie_len == WLAN_MAX_MUEDCA_IE_LEN) {