diff options
| author | Wu Gao <wugao@codeaurora.org> | 2016-11-17 11:17:03 +0800 |
|---|---|---|
| committer | Anjaneedevi Kapparapu <akappa@codeaurora.org> | 2016-11-24 14:42:42 +0530 |
| commit | aca068d360cc9adbc90bae84d0537501f1cae135 (patch) | |
| tree | 35840cf390135fb2fa27747ea5910d6d3fffea1f | |
| parent | a1c047a7be9f9597b7c6d477fb4229312f81e4cf (diff) | |
qcacld-2.0: protect channel list buffer
AP+AP case, one is started, another one start fails and its channel
list buffer is NULL. When radar signal found, it will change channel
with second sap's context, then crashed since channel list is NULL.
Change-Id: I73f2c1c2fa0667e7517e2a6867d79175c47d4582
CRs-Fixed: 1091122
| -rw-r--r-- | CORE/SAP/src/sapModule.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/CORE/SAP/src/sapModule.c b/CORE/SAP/src/sapModule.c index d5338bf7c32e..b1fcf2254a8d 100644 --- a/CORE/SAP/src/sapModule.c +++ b/CORE/SAP/src/sapModule.c @@ -2878,6 +2878,14 @@ WLANSAP_ChannelChangeRequest(v_PVOID_t pSapCtx, uint8_t target_channel) } pMac = PMAC_STRUCT( hHal ); phyMode = sapContext->csrRoamProfile.phyMode; + + if (sapContext->csrRoamProfile.ChannelInfo.numOfChannels == 0 || + sapContext->csrRoamProfile.ChannelInfo.ChannelList == NULL) + { + VOS_TRACE( VOS_MODULE_ID_SAP, VOS_TRACE_LEVEL_ERROR, + FL("Invalid channel list")); + return VOS_STATUS_E_FAULT; + } sapContext->csrRoamProfile.ChannelInfo.ChannelList[0] = target_channel; /* * We are getting channel bonding mode from sapDfsInfor structure |