From d4b56dadebb0350cbbf436db9a84c69dc54104e1 Mon Sep 17 00:00:00 2001 From: Naveen Rawat Date: Mon, 27 Jun 2016 15:25:56 -0700 Subject: [PATCH] qcacld-3.0: Fix Null pointer dereference in rrm_process_beacon_report_xmit In function rrm_process_beacon_report_xmit, reset flag_bss_present before processing each bss descriptor. Change-Id: Ic3ef01d79135effe718cbeec29894f6000de7f07 CRs-Fixed: 1034255 --- core/mac/src/pe/rrm/rrm_api.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/core/mac/src/pe/rrm/rrm_api.c b/core/mac/src/pe/rrm/rrm_api.c index 2ddc38bd75..3e9d4abdb1 100644 --- a/core/mac/src/pe/rrm/rrm_api.c +++ b/core/mac/src/pe/rrm/rrm_api.c @@ -800,7 +800,7 @@ rrm_process_beacon_report_xmit(tpAniSirGlobal mac_ctx, tpRRMReq curr_req = mac_ctx->rrm.rrmPEContext.pCurrentReq; tpPESession session_entry; uint8_t session_id; - bool flag_bss_present = false, bss_desc_count = 0; + bool flag_bss_present, bss_desc_count = 0; lim_log(mac_ctx, LOG1, FL("Received beacon report xmit indication")); @@ -845,6 +845,7 @@ rrm_process_beacon_report_xmit(tpAniSirGlobal mac_ctx, report[bss_desc_count].report.beaconReport; bss_desc = beacon_xmit_ind-> pBssDescription[bss_desc_count]; + flag_bss_present = false; /* Prepare the beacon report and send it to the peer.*/ report[bss_desc_count].token = beacon_xmit_ind->uDialogToken;