qcacmn: Add ce_count check to avoid any buffer overflow

Add ce_count check to avoid any buffer overflow
of "scn->ce_id_to_state" and "hif_state->pipe_info"

Change-Id: I77f074f631a86cb96badab27e6850e0969331dba
CRs-Fixed: 3589967

hif/src/ce/ce_main.c

@@ -3926,6 +3926,11 @@ static QDF_STATUS hif_post_recv_buffers(struct hif_softc *scn)
 	for (pipe_num = 0; pipe_num < scn->ce_count; pipe_num++) {
 		struct HIF_CE_pipe_info *pipe_info;
 
+		if (pipe_num >= CE_COUNT_MAX) {
+			A_TARGET_ACCESS_UNLIKELY(scn);
+			return QDF_STATUS_E_INVAL;
+		}
+
 		ce_state = scn->ce_id_to_state[pipe_num];
 		pipe_info = &hif_state->pipe_info[pipe_num];