From efd71c358231de998b17525b55013c60a9dcef95 Mon Sep 17 00:00:00 2001
From: Naveen Rawat <naveenrawat@codeaurora.org>
Date: Tue, 25 Oct 2016 17:05:47 -0700
Subject: [PATCH] qcacld-3.0: Add NULL pointer check before accessing roam
 profile

Check for NULL pointer before accessing current roam profile in
STOP_BSS rsp, csr_roam_roaming_state_stop_bss_rsp_processor.

Change-Id: I670151fa81ab3389c7a07ef37bcc909e3fcb9387
CRs-Fixed: 1082446
(cherry picked from commit 1d0fd66e49e4c39ed57c80fa8603cc1b59c0b548)
---
 core/sme/src/csr/csr_api_roam.c | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/core/sme/src/csr/csr_api_roam.c b/core/sme/src/csr/csr_api_roam.c
index 1edcd0b533..bc90888098 100644
--- a/core/sme/src/csr/csr_api_roam.c
+++ b/core/sme/src/csr/csr_api_roam.c
@@ -9098,6 +9098,7 @@ static void csr_roam_roaming_state_stop_bss_rsp_processor(tpAniSirGlobal pMac,
 							  tSirSmeRsp *pSmeRsp)
 {
 	eCsrRoamCompleteResult result_code = eCsrNothingToJoin;
+	tCsrRoamProfile *profile;
 
 #ifdef FEATURE_WLAN_DIAG_SUPPORT_CSR
 	{
@@ -9116,16 +9117,16 @@ static void csr_roam_roaming_state_stop_bss_rsp_processor(tpAniSirGlobal pMac,
 	pMac->roam.roamSession[pSmeRsp->sessionId].connectState =
 		eCSR_ASSOC_STATE_TYPE_NOT_CONNECTED;
 	if (CSR_IS_ROAM_SUBSTATE_STOP_BSS_REQ(pMac, pSmeRsp->sessionId)) {
-		if (CSR_IS_CONN_NDI(pMac->roam.roamSession[pSmeRsp->sessionId].
-							pCurRoamProfile)) {
+		profile =
+		    pMac->roam.roamSession[pSmeRsp->sessionId].pCurRoamProfile;
+		if (profile && CSR_IS_CONN_NDI(profile)) {
 			result_code = eCsrStopBssSuccess;
 			if (pSmeRsp->statusCode != eSIR_SME_SUCCESS)
 				result_code = eCsrStopBssFailure;
 		}
 		csr_roam_complete(pMac, result_code, NULL);
-	} else
-	if (CSR_IS_ROAM_SUBSTATE_DISCONNECT_CONTINUE
-		    (pMac, pSmeRsp->sessionId)) {
+	} else if (CSR_IS_ROAM_SUBSTATE_DISCONNECT_CONTINUE(pMac,
+			pSmeRsp->sessionId)) {
 		csr_roam_reissue_roam_command(pMac);
 	}
 }