samsung-sm8650/android_kernel_samsung_sm8650-modules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

qcacld-3.0: Fix null pointer dereference in SAP state fsm

Browse Source 
Add a check against for NULL pointer before accessing roam_info
object pointer.

Change-Id: Id03a47761fa9624ddf76305f110f1f83bcb0a7cd
CRs-Fixed: 2232419
This commit is contained in:
Naveen Rawat
2018-04-30 14:28:52 -07:00
committed by nshrivas
parent d37cd72d4a
commit c3411bbdf8
2 changed files with 14 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
core/sap/src/sap_api_link_cntl.c
View File

@@ -1109,6 +1109,12 @@ wlansap_roam_callback(void *ctx, struct csr_roam_info *csr_roam_info,
csr_roam_info, &qdf_ret_status);
break;
case eCSR_ROAM_RESULT_INFRA_ASSOCIATION_CNF:
if (!csr_roam_info) {
QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_ERROR,
"csr_roam_info is NULL");
qdf_ret_status = QDF_STATUS_E_NULL_VALUE;
break;
}
QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_INFO_HIGH,
FL("CSR roam_result = eCSR_ROAM_RESULT_INFRA_ASSOCIATION_CNF (%d)"),
roam_result);
@@ -1190,6 +1196,12 @@ wlansap_roam_callback(void *ctx, struct csr_roam_info *csr_roam_info,
(void *) eSAP_STATUS_SUCCESS);
break;
case eCSR_ROAM_RESULT_INFRA_STARTED:
if (!csr_roam_info) {
QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_ERROR,
"csr_roam_info is NULL");
qdf_ret_status = QDF_STATUS_E_NULL_VALUE;
break;
}
QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_INFO_HIGH,
FL("CSR roam_result = eCSR_ROAM_RESULT_INFRA_STARTED (%d)"),
roam_result);