authorNishank Aggarwal <naggar@codeaurora.org>2017-04-28 12:51:41 +0530
committerNishank Aggarwal <naggar@codeaurora.org>2017-04-28 12:51:41 +0530
commit6edcd8672a6f0f8384ba477174dae41da28f5bec (patch)
treec1078e4ac34725bde9962070f747d7cfd91a8cac
parent344e641707dac46705eb7026d01e900615d1a033 (diff)
qcacld-2.0: Fix suspicious dereference of pointer
prima to qcacld-2.0 propagation.

The 'roamSession' pointer is dereferenced before its NULL check in csrRoamProcessResults().

Change-Id: If9595d00387734066386dc29591aed331f46d023
CRs-Fixed: 2030051
-rw-r--r--CORE/SME/src/csr/csrApiRoam.c36
1 files changed, 25 insertions, 11 deletions
diff --git a/CORE/SME/src/csr/csrApiRoam.c b/CORE/SME/src/csr/csrApiRoam.c
index e2dd8557cef8..b59ce7c417e5 100644
--- a/CORE/SME/src/csr/csrApiRoam.c
+++ b/CORE/SME/src/csr/csrApiRoam.c
@@ -6729,22 +6729,36 @@ static tANI_BOOLEAN csrRoamProcessResults( tpAniSirGlobal pMac, tSmeCmd *pComman
case eCsrForcedDisassocSta:
case eCsrForcedDeauthSta:
csrRoamStateChange( pMac, eCSR_ROAMING_STATE_JOINED, sessionId);
- if( CSR_IS_SESSION_VALID(pMac, sessionId) )
+ pSession = CSR_GET_SESSION(pMac, sessionId);
+ if(pSession)
{
- pSession = CSR_GET_SESSION(pMac, sessionId);
-
- if ( CSR_IS_INFRA_AP(&pSession->connectedProfile) )
- {
- roamInfo.u.pConnectedProfile = &pSession->connectedProfile;
- vos_mem_copy(roamInfo.peerMac,
+ if( CSR_IS_SESSION_VALID(pMac, sessionId) )
+ {
+ if ( CSR_IS_INFRA_AP(&pSession->connectedProfile) )
+ {
+ roamInfo.u.pConnectedProfile =
+ &pSession->connectedProfile;
+ vos_mem_copy(roamInfo.peerMac,
pCommand->u.roamCmd.peerMac,
sizeof(tSirMacAddr));
- roamInfo.reasonCode = eCSR_ROAM_RESULT_FORCED;
- roamInfo.statusCode = eSIR_SME_SUCCESS;
- status = csrRoamCallCallback(pMac, sessionId,
+ roamInfo.reasonCode = eCSR_ROAM_RESULT_FORCED;
+ roamInfo.statusCode = eSIR_SME_SUCCESS;
+ status = csrRoamCallCallback(pMac, sessionId,
&roamInfo, pCommand->u.roamCmd.roamId,
eCSR_ROAM_LOSTLINK, eCSR_ROAM_RESULT_FORCED);
- }
+ }
+ }
+ else
+ {
+ smsLog(pMac, LOGE, FL("Inactive sessionId %d"),
+ sessionId);
+ return eHAL_STATUS_FAILURE;
+ }
+ }
+ else
+ {
+ smsLog(pMac, LOGE, FL("Invalid session"));
+ return eHAL_STATUS_FAILURE;
}
break;
case eCsrLostLink1:
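Review bot: Both new error branches use `return eHAL_STATUS_FAILURE;`, but the hunk header declares the function as `static tANI_BOOLEAN csrRoamProcessResults(...)`, so an eHalStatus code is returned where the caller expects a boolean; if that constant is non-zero (its value is not visible here) the caller will read the failure as "true". State the intended result explicitly, for example `return eANI_BOOLEAN_FALSE;` or `return eANI_BOOLEAN_TRUE;` depending on what the caller should do with the command, or set `status = eHAL_STATUS_FAILURE;` and `break;` so the function leaves through its normal exit. These returns also run after `csrRoamStateChange(pMac, eCSR_ROAMING_STATE_JOINED, sessionId)` has already been applied for a sessionId that then turns out to be invalid or inactive, and they skip whatever follows the switch. The function body starts and ends outside this hunk, so please confirm that nothing after the switch (cleanup, command release) is needed on these paths.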