qcacld: Fix PE issues found by static code analysis

tSirMsgQ is of size 12 bytes and vos_msg_t is of size 16 bytes. The issue is in function limPostMsgApi the input parameter pMsg of type tSirMsgQ is type-casted to vos_msg_t and later message is being copied to type-casted 12 bytes of pointer with 16 bytes of data. This can lead to memory corruption. Fix this by making sure both of these structures are of same size Change-Id: I2d7d90708710b0cdff958153ccaf7fbe10edd849 CRs-Fixed: 627518
author: Srinivas Girigowda <sgirigow@qca.qualcomm.com> 2014-03-06 12:17:25 -0800
committer: Nandini Suresh <snandini@qca.qualcomm.com> 2014-03-07 19:21:14 -0800
commit: d46e6c7188f539e9bee4e397a68540bd1526d73e (patch)
tree: a5b2554de61f15724eeb55969c8c32e836c7a867
parent: 5440a3e1e25611093b91dcbd94d873e481c19487 (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/CORE/MAC/src/include/sirParams.h b/CORE/MAC/src/include/sirParams.h
index b15fc9c689c4..cfea61d3d6ba 100644
--- a/CORE/MAC/src/include/sirParams.h
+++ b/CORE/MAC/src/include/sirParams.h
@@ -144,6 +144,13 @@ typedef struct sSirMsgQ
      */
     void *bodyptr;
     tANI_U32 bodyval;
+
+    /*
+     * Some messages provide a callback function.  The function signature
+     * must be agreed upon between the two entities exchanging the message
+     */
+    void *callback;
+
 } tSirMsgQ, *tpSirMsgQ;
 
 /// Mailbox Message Structure Define
author	Srinivas Girigowda <sgirigow@qca.qualcomm.com>	2014-03-06 12:17:25 -0800
committer	Nandini Suresh <snandini@qca.qualcomm.com>	2014-03-07 19:21:14 -0800
commit	d46e6c7188f539e9bee4e397a68540bd1526d73e (patch)
tree	a5b2554de61f15724eeb55969c8c32e836c7a867
parent	5440a3e1e25611093b91dcbd94d873e481c19487 (diff)