From efd6e156da2be3b701da94c95f2d7088fe3dfa9d Mon Sep 17 00:00:00 2001 From: Yu Tian Date: Wed, 9 Nov 2022 18:37:40 -0800 Subject: [PATCH] qcacmn: Force invalid check for every pkt Normally TID is obtained from MPDU start pkt and is performed invalid check. There is a chance that DUT receives an aggregated MPDU with invalid TID, TID value is not updated for the second MSDU, then it will lead to OOB access. Change is aimed to perform the check for every MSDU. Change-Id: Ie261ddbc0e9dcd10459c68d3c78e13faa70286ac CRs-Fixed: 3333265 --- dp/wifi3.0/li/dp_li_rx.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/dp/wifi3.0/li/dp_li_rx.c b/dp/wifi3.0/li/dp_li_rx.c index adac3eaf3f..cdc61dc4d9 100644 --- a/dp/wifi3.0/li/dp_li_rx.c +++ b/dp/wifi3.0/li/dp_li_rx.c @@ -592,14 +592,14 @@ done: } /* Get TID from struct cb->tid_val, save to tid */ - if (qdf_nbuf_is_rx_chfrag_start(nbuf)) { + if (qdf_nbuf_is_rx_chfrag_start(nbuf)) tid = qdf_nbuf_get_tid_val(nbuf); - if (tid >= CDP_MAX_DATA_TIDS) { - DP_STATS_INC(soc, rx.err.rx_invalid_tid_err, 1); - dp_rx_nbuf_free(nbuf); - nbuf = next; - continue; - } + + if (qdf_unlikely(tid >= CDP_MAX_DATA_TIDS)) { + DP_STATS_INC(soc, rx.err.rx_invalid_tid_err, 1); + dp_rx_nbuf_free(nbuf); + nbuf = next; + continue; } if (qdf_unlikely(!txrx_peer)) {