diff options
| author | Rajesh Chauhan <rajeshc@codeaurora.org> | 2017-10-08 16:10:59 -0700 |
|---|---|---|
| committer | snandini <snandini@codeaurora.org> | 2017-10-09 04:39:54 -0700 |
| commit | c99a1cf0f00c6cf852fb7fe1abda903e24bb5242 (patch) | |
| tree | 2284f0b577be205f50dedfb2a2659e728c96b232 | |
| parent | 3d251e063a39a551356fb715c9103209f2a9aa76 (diff) | |
qcacld-3.0: Fix null pointer dereference in wma_scan_event_callback
Check for vdev id in wma_scan_event_callback is done before
initializing wmi_event. Move this check after initialization
of wmi_event.
Change-Id: I091226979ce71274779d350b353fdd4d29040457
CRs-Fixed: 2122957
| -rw-r--r-- | core/wma/src/wma_scan_roam.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/core/wma/src/wma_scan_roam.c b/core/wma/src/wma_scan_roam.c index 0ccdb8be8e8b..6aac284c497b 100644 --- a/core/wma/src/wma_scan_roam.c +++ b/core/wma/src/wma_scan_roam.c @@ -6113,13 +6113,14 @@ int wma_scan_event_callback(WMA_HANDLE handle, uint8_t *data, uint8_t vdev_id; uint32_t scan_id; + param_buf = (WMI_SCAN_EVENTID_param_tlvs *) data; + wmi_event = param_buf->fixed_param; + if (wmi_event->vdev_id >= wma_handle->max_bssid) { WMA_LOGE("Invalid vdev id from firmware"); return -EINVAL; } - param_buf = (WMI_SCAN_EVENTID_param_tlvs *) data; - wmi_event = param_buf->fixed_param; vdev_id = wmi_event->vdev_id; scan_id = wma_handle->interfaces[vdev_id].scan_info.scan_id; |
