diff options
| author | Rajesh Chauhan <rajeshc@qca.qualcomm.com> | 2014-01-15 16:02:07 -0800 |
|---|---|---|
| committer | Prakash Dhavali <pdhavali@qca.qualcomm.com> | 2014-01-26 20:08:20 -0800 |
| commit | 4aa07c11c4b695ea0a80f4b5f02711d785fbf155 (patch) | |
| tree | 2f35fe286fbc16f2337216f89dc2678240fb031d | |
| parent | da6be59ba625ecc54692edd3f2591241210f4e8d (diff) | |
qcalcd: Fix static analysis issue in HDD files
Fix static analysis issues reported in following HDD files:
- wlan_hdd_assoc.c
- wlan_hdd_cfg80211.c
- wlan_hdd_ftm.c
- wlan_hdd_hostapd.c
- wlan_hdd_softap_tx_rx.c
CRs-Fixed: 601529
Change-Id: Iabd518cf9d470fa64819723ea67e4c49e9ace36f
| -rw-r--r-- | CORE/HDD/inc/wlan_hdd_hostapd.h | 3 | ||||
| -rw-r--r-- | CORE/HDD/src/wlan_hdd_assoc.c | 15 | ||||
| -rw-r--r-- | CORE/HDD/src/wlan_hdd_cfg80211.c | 40 | ||||
| -rw-r--r-- | CORE/HDD/src/wlan_hdd_ftm.c | 27 | ||||
| -rw-r--r-- | CORE/HDD/src/wlan_hdd_hostapd.c | 31 | ||||
| -rw-r--r-- | CORE/HDD/src/wlan_hdd_softap_tx_rx.c | 2 |
6 files changed, 107 insertions, 11 deletions
diff --git a/CORE/HDD/inc/wlan_hdd_hostapd.h b/CORE/HDD/inc/wlan_hdd_hostapd.h index cae765a4ca35..d6eb719306a4 100644 --- a/CORE/HDD/inc/wlan_hdd_hostapd.h +++ b/CORE/HDD/inc/wlan_hdd_hostapd.h @@ -51,6 +51,9 @@ Preprocessor definitions and constants -------------------------------------------------------------------------*/ +/* max length of command string in hostapd ioctl */ +#define HOSTAPD_IOCTL_COMMAND_STRLEN_MAX 2048 + hdd_adapter_t* hdd_wlan_create_ap_dev( hdd_context_t *pHddCtx, tSirMacAddr macAddr, tANI_U8 *name); VOS_STATUS hdd_register_hostapd(hdd_adapter_t *pAdapter, tANI_U8 rtnl_held); diff --git a/CORE/HDD/src/wlan_hdd_assoc.c b/CORE/HDD/src/wlan_hdd_assoc.c index d0e0c906ae6d..be1a9f3f2b50 100644 --- a/CORE/HDD/src/wlan_hdd_assoc.c +++ b/CORE/HDD/src/wlan_hdd_assoc.c @@ -2252,8 +2252,10 @@ eHalStatus hdd_RoamTdlsStatusUpdateHandler(hdd_adapter_t *pAdapter, { hdd_context_t *pHddCtx = WLAN_HDD_GET_CTX(pAdapter); #ifdef QCA_WIFI_2_0 +#ifdef CONFIG_TDLS_IMPLICIT tdlsCtx_t *pHddTdlsCtx = WLAN_HDD_GET_TDLS_CTX_PTR(pAdapter); #endif +#endif eHalStatus status = eHAL_STATUS_FAILURE ; tANI_U8 staIdx; @@ -2280,6 +2282,19 @@ eHalStatus hdd_RoamTdlsStatusUpdateHandler(hdd_adapter_t *pAdapter, pRoamInfo->peerMac[4], pRoamInfo->peerMac[5]) ; #endif + +#ifdef QCA_WIFI_2_0 +#ifdef CONFIG_TDLS_IMPLICIT + if (!pHddTdlsCtx) + { + VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR, + "%s: TDLS ctx is null, ignore roamResult (%d)", + __func__, roamResult); + return status; + } +#endif +#endif + switch( roamResult ) { case eCSR_ROAM_RESULT_ADD_TDLS_PEER: diff --git a/CORE/HDD/src/wlan_hdd_cfg80211.c b/CORE/HDD/src/wlan_hdd_cfg80211.c index 8facceb8c21a..091ec04f4897 100644 --- a/CORE/HDD/src/wlan_hdd_cfg80211.c +++ b/CORE/HDD/src/wlan_hdd_cfg80211.c @@ -2748,7 +2748,7 @@ int wlan_hdd_cfg80211_change_iface( struct wiphy *wiphy, { struct wireless_dev *wdev; hdd_adapter_t *pAdapter = WLAN_HDD_GET_PRIV_PTR( ndev ); - hdd_context_t *pHddCtx = WLAN_HDD_GET_CTX( pAdapter ); + hdd_context_t *pHddCtx; hdd_adapter_t *pP2pAdapter = NULL; tCsrRoamProfile *pRoamProfile = NULL; eCsrRoamBssType LastBSSType; @@ -2758,6 +2758,21 @@ int wlan_hdd_cfg80211_change_iface( struct wiphy *wiphy, ENTER(); + if (!pAdapter) + { + VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR, + "%s: Adapter context is null", __func__); + return VOS_STATUS_E_FAILURE; + } + + pHddCtx = WLAN_HDD_GET_CTX( pAdapter ); + if (!pHddCtx) + { + VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR, + "%s: HDD context is null", __func__); + return VOS_STATUS_E_FAILURE; + } + status = wlan_hdd_validate_context(pHddCtx); if (0 != status) @@ -2800,6 +2815,12 @@ int wlan_hdd_cfg80211_change_iface( struct wiphy *wiphy, ) { hdd_wext_state_t *pWextState = WLAN_HDD_GET_WEXT_STATE_PTR(pAdapter); + if (!pWextState) + { + VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR, + "%s: pWextState is null", __func__); + return VOS_STATUS_E_FAILURE; + } pRoamProfile = &pWextState->roamProfile; LastBSSType = pRoamProfile->BSSType; @@ -6275,16 +6296,29 @@ static int wlan_hdd_cfg80211_connect( struct wiphy *wiphy, int status; hdd_adapter_t *pAdapter = WLAN_HDD_GET_PRIV_PTR( ndev ); VOS_STATUS exitbmpsStatus = VOS_STATUS_E_INVAL; - hdd_context_t *pHddCtx = WLAN_HDD_GET_CTX(pAdapter); + hdd_context_t *pHddCtx; ENTER(); + if (!pAdapter) + { + VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR, + "%s: Adapter context is null", __func__); + return VOS_STATUS_E_FAILURE; + } + hddLog(VOS_TRACE_LEVEL_INFO, "%s: device_mode = %d\n",__func__,pAdapter->device_mode); pHddCtx = WLAN_HDD_GET_CTX(pAdapter); - status = wlan_hdd_validate_context(pHddCtx); + if (!pHddCtx) + { + VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR, + "%s: HDD context is null", __func__); + return VOS_STATUS_E_FAILURE; + } + status = wlan_hdd_validate_context(pHddCtx); if (0 != status) { VOS_TRACE( VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR, diff --git a/CORE/HDD/src/wlan_hdd_ftm.c b/CORE/HDD/src/wlan_hdd_ftm.c index 9bcf52d99110..e5c3799071fc 100644 --- a/CORE/HDD/src/wlan_hdd_ftm.c +++ b/CORE/HDD/src/wlan_hdd_ftm.c @@ -435,6 +435,10 @@ static VOS_STATUS wlan_ftm_vos_open( v_CONTEXT_t pVosContext, v_SIZE_t hddContex #if defined(QCA_WIFI_2_0) && defined(QCA_WIFI_FTM) adf_os_device_t adf_ctx; HTC_INIT_INFO htcInfo; +#ifndef QCA_WIFI_ISOC + v_PVOID_t pHifContext = NULL; + v_PVOID_t pHtcContext = NULL; +#endif #endif hdd_context_t *pHddCtx; @@ -503,7 +507,15 @@ static VOS_STATUS wlan_ftm_vos_open( v_CONTEXT_t pVosContext, v_SIZE_t hddContex #if defined(QCA_WIFI_2_0) && defined(QCA_WIFI_FTM) #ifndef QCA_WIFI_ISOC /* Initialize BMI and Download firmware */ - if (bmi_download_firmware(vos_get_context(VOS_MODULE_ID_HIF, gpVosContext))) { + pHifContext = vos_get_context(VOS_MODULE_ID_HIF, gpVosContext); + if (!pHifContext) + { + VOS_TRACE(VOS_MODULE_ID_VOSS, VOS_TRACE_LEVEL_FATAL, + "%s: failed to get HIF context", __func__); + goto err_sched_close; + } + + if (bmi_download_firmware(pHifContext)) { VOS_TRACE(VOS_MODULE_ID_VOSS, VOS_TRACE_LEVEL_FATAL, "%s: BMI failed to download target", __func__); goto err_bmi_close; @@ -526,7 +538,7 @@ static VOS_STATUS wlan_ftm_vos_open( v_CONTEXT_t pVosContext, v_SIZE_t hddContex } #ifndef QCA_WIFI_ISOC - if (bmi_done(vos_get_context(VOS_MODULE_ID_HIF, gpVosContext))) { + if (bmi_done(pHifContext)) { VOS_TRACE(VOS_MODULE_ID_VOSS, VOS_TRACE_LEVEL_FATAL, "%s: Failed to complete BMI phase", __func__); goto err_htc_close; @@ -582,7 +594,14 @@ static VOS_STATUS wlan_ftm_vos_open( v_CONTEXT_t pVosContext, v_SIZE_t hddContex #if defined (QCA_WIFI_2_0) && defined(QCA_WIFI_FTM) \ && !defined (QCA_WIFI_ISOC) - if (HTCWaitTarget(vos_get_context(VOS_MODULE_ID_HTC, gpVosContext))) { + pHtcContext = vos_get_context(VOS_MODULE_ID_HTC, gpVosContext); + if (!pHtcContext) + { + VOS_TRACE(VOS_MODULE_ID_VOSS, VOS_TRACE_LEVEL_FATAL, + "%s: failed to get HTC context", __func__); + goto err_wda_close; + } + if (HTCWaitTarget(pHtcContext)) { VOS_TRACE( VOS_MODULE_ID_VOSS, VOS_TRACE_LEVEL_FATAL, "%s: Failed to complete BMI phase", __func__); goto err_wda_close; @@ -676,7 +695,7 @@ err_htc_close: #ifndef QCA_WIFI_ISOC err_bmi_close: - BMICleanup(vos_get_context(VOS_MODULE_ID_HIF, gpVosContext)); + BMICleanup(pHifContext); #endif /* #ifndef QCA_WIFI_ISOC */ #endif /* #QCA_WIFI_2_0 && QCA_WIFI_FTM */ diff --git a/CORE/HDD/src/wlan_hdd_hostapd.c b/CORE/HDD/src/wlan_hdd_hostapd.c index 9fc88280c2dd..869b58f76386 100644 --- a/CORE/HDD/src/wlan_hdd_hostapd.c +++ b/CORE/HDD/src/wlan_hdd_hostapd.c @@ -230,7 +230,7 @@ int hdd_hostapd_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd) } if (priv_data.total_len <= 0 || - priv_data.total_len == INT_MAX) + priv_data.total_len > HOSTAPD_IOCTL_COMMAND_STRLEN_MAX) { /* below we allocate one more byte for command buffer. * To avoid addition overflow total_len should be @@ -1042,13 +1042,37 @@ static iw_softap_setparam(struct net_device *dev, union iwreq_data *wrqu, char *extra) { hdd_adapter_t *pHostapdAdapter = (netdev_priv(dev)); - tHalHandle hHal = WLAN_HDD_GET_HAL_CTX(pHostapdAdapter); + tHalHandle hHal; int *value = (int *)extra; int sub_cmd = value[0]; int set_value = value[1]; eHalStatus status; int ret = 0; /* success */ - v_CONTEXT_t pVosContext = (WLAN_HDD_GET_CTX(pHostapdAdapter))->pvosContext; + v_CONTEXT_t pVosContext; + + if (!pHostapdAdapter || !pHostapdAdapter->pHddCtx) + { + VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR, + "%s: either hostapd Adapter is null or HDD ctx is null", + __func__); + return -1; + } + + hHal = WLAN_HDD_GET_HAL_CTX(pHostapdAdapter); + if (!hHal) + { + VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR, + "%s: Hal ctx is null", __func__); + return -1; + } + + pVosContext = (WLAN_HDD_GET_CTX(pHostapdAdapter))->pvosContext; + if (!pVosContext) + { + VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR, + "%s: Vos ctx is null", __func__); + return -1; + } switch(sub_cmd) { @@ -1907,6 +1931,7 @@ static iw_softap_ap_stats(struct net_device *dev, int len = wrqu->data.length; pstatbuf = wrqu->data.pointer; + memset(&statBuffer, 0, sizeof(statBuffer)); WLANSAP_GetStatistics((WLAN_HDD_GET_CTX(pHostapdAdapter))->pvosContext, &statBuffer, (v_BOOL_t)wrqu->data.flags); diff --git a/CORE/HDD/src/wlan_hdd_softap_tx_rx.c b/CORE/HDD/src/wlan_hdd_softap_tx_rx.c index 7d269b724701..39a11a6d62fa 100644 --- a/CORE/HDD/src/wlan_hdd_softap_tx_rx.c +++ b/CORE/HDD/src/wlan_hdd_softap_tx_rx.c @@ -1021,7 +1021,7 @@ VOS_STATUS hdd_softap_tx_complete_cbk( v_VOID_t *vosContext, //Return the skb to the OS status = vos_pkt_get_os_packet( pVosPacket, &pOsPkt, VOS_TRUE ); - if(!VOS_IS_STATUS_SUCCESS( status )) + if ((!VOS_IS_STATUS_SUCCESS(status)) || (!pOsPkt)) { //This is bad but still try to free the VOSS resources if we can VOS_TRACE( VOS_MODULE_ID_HDD_SOFTAP, VOS_TRACE_LEVEL_ERROR,"%s: Failure extracting skb from vos pkt", __func__); |