Startsida Utforska Hjälp
Logga in
samsung-sm8650
/
android_kernel_samsung_sm8650-modules
2
0
Fork 0
Filer Ärenden 0 Pull-förfrågningar 0 Wiki
Bläddra i källkod

qcacmn: Fix NULL pointer dereference in policy manager

In policy_mgr_is_hw_sbs_capable wmi_handle is derived & dereferenced
with out a NULL check. Add a NULL check for wmi_handle before it is
dereferenced.

Change-Id: I6081bb6f24ce52a3016712d4f1b481f5fb6a9c8f
CRs-Fixed: 2305529
Tushnim Bhattacharyya 6 år sedan
förälder
287dee3f43
incheckning
e381d2f9ca
1 ändrade filer med 13 tillägg och 9 borttagningar
Delad Vy Visa Diff Statistik
  1. 13 9
      umac/cmn_services/policy_mgr/src/wlan_policy_mgr_get_set_utils.c

+ 13 - 9
umac/cmn_services/policy_mgr/src/wlan_policy_mgr_get_set_utils.c
Visa fil 

@@ -523,7 +523,7 @@ bool policy_mgr_is_hw_dbs_capable(struct wlan_objmgr_psoc *psoc)
 
 {
 
 	uint32_t param, i, found = 0;
 
 	struct policy_mgr_psoc_priv_obj *pm_ctx;
 
-	void *wmi_handle;
 
+	struct wmi_unified *wmi_handle;
 
 
 	pm_ctx = policy_mgr_get_context(psoc);
 
 
@@ -537,9 +537,9 @@ bool policy_mgr_is_hw_dbs_capable(struct wlan_objmgr_psoc *psoc)
 
 		return false;
 
 	}
 
 
-	wmi_handle = GET_WMI_HDL_FROM_PSOC(psoc);
 
+	wmi_handle = get_wmi_unified_hdl_from_psoc(psoc);
 
 	if (!wmi_handle) {
 
-		policy_mgr_debug("Invalid WMA context");
 
+		policy_mgr_debug("Invalid WMI handle");
 
 		return false;
 
 	}
 
 
@@ -575,7 +575,7 @@ bool policy_mgr_is_hw_sbs_capable(struct wlan_objmgr_psoc *psoc)
 
 {
 
 	uint32_t param, i, found = 0;
 
 	struct policy_mgr_psoc_priv_obj *pm_ctx;
 
-	void *wmi_handle;
 
+	struct wmi_unified *wmi_handle;
 
 
 	pm_ctx = policy_mgr_get_context(psoc);
 
 	if (!pm_ctx) {
 
@@ -583,7 +583,11 @@ bool policy_mgr_is_hw_sbs_capable(struct wlan_objmgr_psoc *psoc)
 
 		return false;
 
 	}
 
 
-	wmi_handle = GET_WMI_HDL_FROM_PSOC(psoc);
 
+	wmi_handle = get_wmi_unified_hdl_from_psoc(psoc);
 
+	if (!wmi_handle) {
 
+		policy_mgr_debug("Invalid WMI handle");
 
+		return false;
 
+	}
 
 
 	policy_mgr_debug("DBS service bit map: %d",
 
 		wmi_service_enabled(wmi_handle,
 
@@ -3198,9 +3202,9 @@ bool policy_mgr_allow_sap_go_concurrency(struct wlan_objmgr_psoc *psoc,
 
 bool policy_mgr_dual_beacon_on_single_mac_scc_capable(
 
 		struct wlan_objmgr_psoc *psoc)
 
 {
 
-	void *wmi_handle = NULL;
 
+	struct wmi_unified *wmi_handle;
 
 
-	wmi_handle = GET_WMI_HDL_FROM_PSOC(psoc);
 
+	wmi_handle = get_wmi_unified_hdl_from_psoc(psoc);
 
 	if (!wmi_handle) {
 
 		policy_mgr_debug("Invalid WMI handle");
 
 		return false;
 
@@ -3219,9 +3223,9 @@ bool policy_mgr_dual_beacon_on_single_mac_scc_capable(
 
 bool policy_mgr_dual_beacon_on_single_mac_mcc_capable(
 
 		struct wlan_objmgr_psoc *psoc)
 
 {
 
-	void *wmi_handle = NULL;
 
+	struct wmi_unified *wmi_handle;
 
 
-	wmi_handle = GET_WMI_HDL_FROM_PSOC(psoc);
 
+	wmi_handle = get_wmi_unified_hdl_from_psoc(psoc);
 
 	if (!wmi_handle) {
 
 		policy_mgr_debug("Invalid WMI handle");
 
 		return false;