From f6cc53fbafc268cb8414267d182ad64fbeaaff15 Mon Sep 17 00:00:00 2001
From: Vinod Kumar Pirla
Date: Tue, 12 Sep 2023 03:07:57 -0700
Subject: [PATCH] qcacld-3.0: Allow channel change only if SAP is started

AP context in adapter will have existing beacon data of SAP which will be created on SAP start BSS. If userspace requests channel switch before start BSS then trying to access beacon data in hdd_softap_set_channel_change() API might result in NULL pointer dereference. Check if SAP BSS is started on that link info before processing the channel switch request.

CRs-Fixed: 3612796
Change-Id: I2d6aefb78914450551f59ee445d76da3dda69a16
---
 core/hdd/src/wlan_hdd_ioctl.c | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/core/hdd/src/wlan_hdd_ioctl.c b/core/hdd/src/wlan_hdd_ioctl.c
index 2d82412ed3..013dcf6ef8 100644
--- a/core/hdd/src/wlan_hdd_ioctl.c
+++ b/core/hdd/src/wlan_hdd_ioctl.c
@@ -6396,6 +6396,11 @@ static int drv_cmd_set_channel_switch(struct wlan_hdd_link_info *link_info,
 return -EINVAL;
 }
 
+ if (!qdf_atomic_test_bit(SOFTAP_BSS_STARTED, &link_info->link_flags)) {
+ hdd_err("SAP not started");
+ return -EINVAL;
+ }
+
 status = hdd_parse_set_channel_switch_command(value, &chan_number,
 &chan_bw);
 if (status) {
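Review bot: The added `SOFTAP_BSS_STARTED` test guards only this ioctl entry point, while the NULL dereference the commit message describes is inside hdd_softap_set_channel_change(). That callee is not part of this hunk, so it cannot be seen whether it validates the beacon pointer itself; if it does not, any other caller still reaches the missing beacon data, and a NULL check there would close the hole at its source. The test is also check-then-use: nothing visible in the hunk holds a lock between the bit test and the later channel-change call, so it is worth confirming that this path is serialized against SAP stop clearing the flag. Because userspace can hit this rejection repeatedly, the log line would be better rate limited, `hdd_err_rl("SAP not started");`. The body of drv_cmd_set_channel_switch() starts and ends outside the hunk.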