qcacld-3.0: Fix NULL pointer access condition

Currently the host does not check the acs config
pointer present in the sap context, and uses it,
which can lead to NULL pointer access.

Fix is to use the acs config only if it is valid.

Change-Id: I2508e54ea431e58f93579e8e66b9bfa9e79e0c07
CRs-Fixed: 2435548

2 files changed, 2 insertions, 2 deletions

diff --git a/core/hdd/src/wlan_hdd_main.c b/core/hdd/src/wlan_hdd_main.c
index 9f1d4b8dd62a..c78c66991e96 100644
--- a/core/hdd/src/wlan_hdd_main.c
+++ b/core/hdd/src/wlan_hdd_main.c
@@ -8226,7 +8226,7 @@ void hdd_unsafe_channel_restart_sap(hdd_context_t *hdd_ctxt)
 
 		restart_chan =
 			wlansap_get_safe_channel_from_pcl_and_acs_range(
-					adapter_temp);
+					adapter_temp->sessionCtx.ap.sapContext);
 		if (!restart_chan) {
 			hdd_err("fail to restart SAP");
 		} else {
diff --git a/core/sap/src/sap_module.c b/core/sap/src/sap_module.c
index 4ff040ec5930..b1d7ed4b510c 100644
--- a/core/sap/src/sap_module.c
+++ b/core/sap/src/sap_module.c
@@ -3878,7 +3878,7 @@ QDF_STATUS wlansap_filter_ch_based_acs(void *cds_ctx,
 
 	sap_ctx = CDS_GET_SAP_CB(cds_ctx);
 
-	if (!sap_ctx || !ch_list || !ch_cnt) {
+	if (!sap_ctx || !ch_list || !ch_cnt || !sap_ctx->acs_cfg) {
 		QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_ERROR,
 			  "Null parameters");
 		return QDF_STATUS_E_FAULT;