Página Principal Explorar Ajuda
Iniciar Sessão
samsung-sm8650
/
android_kernel_samsung_sm8650-modules
2
0
Fork 0
Ficheiros Problemas 0 Pull Requests 0 Wiki
Ver Fonte

qcacld-3.0: Fix the issues reported by static analysis tool

Fix the issues reported by static analysis tool for SME and WMA
modules. Following is the summar of issues which are fixed,
1) Get the csr session first and then validate the session to avoid
   un-necessary session dereferencing.
2) If scan_info structure is null then return immediately else
   populate scan_info structure properly.
3) Valid the mac context before deferencing it.
4) Validate the roam_req, wma, synch_event pointers before deferencing
   them.

Change-Id: I522812b5c35dd540c38064e49e39ed75fb7d3e18
CRs-Fixed: 2032854
Krunal Soni há 8 anos atrás
pai
f6f905fd0a
commit
fea068027c
3 ficheiros alterados com 16 adições e 11 exclusões
Visão Dividida Mostrar Estatísticas Diff
  1. 4 7
      core/sme/src/common/sme_api.c
  2. 4 0
      core/wma/src/wma_mgmt.c
  3. 8 4
      core/wma/src/wma_scan_roam.c

+ 4 - 7
core/sme/src/common/sme_api.c
Ver Ficheiro 

@@ -7018,13 +7018,10 @@ QDF_STATUS sme_8023_multicast_list(tHalHandle hHal, uint8_t sessionId,
 
 		  pMulticastAddrs->multicastAddr[0].bytes);
 
 
 	/* Find the connected Infra / P2P_client connected session */
 
-	if (CSR_IS_SESSION_VALID(pMac, sessionId) &&
 
-			(csr_is_conn_state_infra(pMac, sessionId) ||
 
-			csr_is_ndi_started(pMac, sessionId))) {
 
-		pSession = CSR_GET_SESSION(pMac, sessionId);
 
-	}
 
-
 
-	if (pSession == NULL) {
 
+	pSession = CSR_GET_SESSION(pMac, sessionId);
 
+	if (!CSR_IS_SESSION_VALID(pMac, sessionId) ||
 
+			(!csr_is_conn_state_infra(pMac, sessionId) &&
 
+			 !csr_is_ndi_started(pMac, sessionId))) {
 
 		QDF_TRACE(QDF_MODULE_ID_SME, QDF_TRACE_LEVEL_WARN,
 
 			  "%s: Unable to find the session Id: %d", __func__,
 
 			  sessionId);

+ 4 - 0
core/wma/src/wma_mgmt.c
Ver Ficheiro 

@@ -691,6 +691,10 @@ void wma_set_sta_sa_query_param(tp_wma_handle wma,
 
 
 	WMA_LOGD(FL("Enter:"));
 
 
+	if (!mac) {
 
+		WMA_LOGE(FL("mac context is NULL"));
 
+		return;
 
+	}
 
 	if (wlan_cfg_get_int
 
 		    (mac, WNI_CFG_PMF_SA_QUERY_MAX_RETRIES,
 
 		    &max_retries) != eSIR_SUCCESS) {

+ 8 - 4
core/wma/src/wma_scan_roam.c
Ver Ficheiro 

@@ -2406,9 +2406,11 @@ cleanup_label:
 
 			wma->csr_roam_synch_cb((tpAniSirGlobal)wma->mac_context,
 
 				roam_synch_ind_ptr, NULL, SIR_ROAMING_ABORT);
 
 		roam_req = qdf_mem_malloc(sizeof(tSirRoamOffloadScanReq));
 
-		roam_req->Command = ROAM_SCAN_OFFLOAD_STOP;
 
-		roam_req->reason = REASON_ROAM_SYNCH_FAILED;
 
-		wma_process_roaming_config(wma, roam_req);
 
+		if (roam_req) {
 
+			roam_req->Command = ROAM_SCAN_OFFLOAD_STOP;
 
+			roam_req->reason = REASON_ROAM_SYNCH_FAILED;
 
+			wma_process_roaming_config(wma, roam_req);
 
+		}
 
 	}
 
 	if (roam_synch_ind_ptr && roam_synch_ind_ptr->join_rsp)
 
 		qdf_mem_free(roam_synch_ind_ptr->join_rsp);
 
@@ -2416,7 +2418,9 @@ cleanup_label:
 
 		qdf_mem_free(roam_synch_ind_ptr);
 
 	if (bss_desc_ptr)
 
 		qdf_mem_free(bss_desc_ptr);
 
-	wma->interfaces[synch_event->vdev_id].roam_synch_in_progress = false;
 
+	if (wma && synch_event)
 
+		wma->interfaces[synch_event->vdev_id].roam_synch_in_progress =
 
+			false;
 
 
 	return status;
 
 }