qcacld-3.0: Validate pProfile before dereferencing it

Add sanity check for pProfile pointer before
dereferencing it in csr api.

Change-Id: I7290a46aea92f0c77c1123143c994cc684e26744
CRs-Fixed: 2775360
Gururaj Pandurangi
2020-09-13 01:46:40 -07:00
committed by snandini
parent a91c6c1f4b
commit ed26554eea


@@ -1911,6 +1911,11 @@ bool csr_is_phy_mode_match(struct mac_context *mac, uint32_t phyMode,
uint32_t bitMask, loopCount; uint32_t bitMask, loopCount;
uint32_t bss_chan_freq; uint32_t bss_chan_freq;
if (!pProfile) {
sme_err("profile not found");
return fMatch;
}
if (!QDF_IS_STATUS_SUCCESS(csr_get_phy_mode_from_bss(mac, pSirBssDesc, if (!QDF_IS_STATUS_SUCCESS(csr_get_phy_mode_from_bss(mac, pSirBssDesc,
&phyModeInBssDesc, pIes))) &phyModeInBssDesc, pIes)))
return fMatch; return fMatch;
@@ -1973,30 +1978,28 @@ bool csr_is_phy_mode_match(struct mac_context *mac, uint32_t phyMode,
cfgDot11ModeToUse = csr_get_vdev_dot11_mode(mac, pProfile->csrPersona, cfgDot11ModeToUse = csr_get_vdev_dot11_mode(mac, pProfile->csrPersona,
cfgDot11ModeToUse); cfgDot11ModeToUse);
if (fMatch && pReturnCfgDot11Mode) { if (fMatch && pReturnCfgDot11Mode) {
if (pProfile) { /*
/* * IEEE 11n spec (8.4.3): HT STA shall
* IEEE 11n spec (8.4.3): HT STA shall * eliminate TKIP as a choice for the pairwise
* eliminate TKIP as a choice for the pairwise * cipher suite if CCMP is advertised by the AP
* cipher suite if CCMP is advertised by the AP * or if the AP included an HT capabilities
* or if the AP included an HT capabilities * element in its Beacons and Probe Response.
* element in its Beacons and Probe Response. */
*/ if ((!CSR_IS_11n_ALLOWED(
if ((!CSR_IS_11n_ALLOWED( pProfile->negotiatedUCEncryptionType))
pProfile->negotiatedUCEncryptionType)) && ((eCSR_CFG_DOT11_MODE_11N ==
&& ((eCSR_CFG_DOT11_MODE_11N == cfgDot11ModeToUse) ||
cfgDot11ModeToUse) || (eCSR_CFG_DOT11_MODE_11AC ==
(eCSR_CFG_DOT11_MODE_11AC == cfgDot11ModeToUse) ||
cfgDot11ModeToUse) || (eCSR_CFG_DOT11_MODE_11AX ==
(eCSR_CFG_DOT11_MODE_11AX == cfgDot11ModeToUse))) {
cfgDot11ModeToUse))) { /* We cannot do 11n here */
/* We cannot do 11n here */ if (WLAN_REG_IS_24GHZ_CH_FREQ(bss_chan_freq)) {
if (WLAN_REG_IS_24GHZ_CH_FREQ(bss_chan_freq)) { cfgDot11ModeToUse =
cfgDot11ModeToUse = eCSR_CFG_DOT11_MODE_11G;
eCSR_CFG_DOT11_MODE_11G; } else {
} else { cfgDot11ModeToUse =
cfgDot11ModeToUse = eCSR_CFG_DOT11_MODE_11A;
eCSR_CFG_DOT11_MODE_11A;
}
} }
} }
*pReturnCfgDot11Mode = cfgDot11ModeToUse; *pReturnCfgDot11Mode = cfgDot11ModeToUse;
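Review bot: The early return added at the top of csr_is_phy_mode_match() makes a NULL pProfile a logged error and an immediate return. The `if (pProfile)` guard removed in the second hunk suggests NULL was once an accepted argument, and the callers are not visible on this page, so it is worth confirming that none of them passes NULL on purpose. The value returned on this path depends on fMatch's initializer, which sits above the hunk, and `*pReturnCfgDot11Mode` is left unwritten, so callers must not read it after a failed match. I would state the contract at the check with a comment such as `/* pProfile is mandatory: csrPersona and negotiatedUCEncryptionType are read below */`. If a NULL profile can occur in normal operation, a rate-limited or lower-severity log would avoid flooding the error log.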