qcacld-2.0: Fix session_cnt overflow issue

Add index overflow check for channels and session_cnt. Change-Id: I57d1f78f3c917b9bd76329995f3facc93fa62fe0 CRs-Fixed: 2104892
author: Liangwei Dong <liangwei@codeaurora.org> 2017-09-06 01:30:31 -0400
committer: snandini <snandini@codeaurora.org> 2017-09-20 03:13:52 -0700
commit: ed870840c7867c74d999c65e5ae9526acf2e90df (patch)
tree: 27c30e2b36c4fe0d058661dcace7086b3e96bb43
parent: 67e7a8a9d93a16e6ac3eea18cb9d3856f219b354 (diff)
1 files changed, 4 insertions, 3 deletions
diff --git a/CORE/SAP/src/sapFsm.c b/CORE/SAP/src/sapFsm.c
index 4042767d04df..cd84fe08adcf 100644
--- a/CORE/SAP/src/sapFsm.c
+++ b/CORE/SAP/src/sapFsm.c
@@ -2290,8 +2290,8 @@ static VOS_STATUS sap_check_mcc_valid(
 	session_info_t *info;
 	session_info_t sessions[VOS_MAX_CONCURRENCY_PERSONA + 1];
 	v_U8_t	i, j;
-	v_U8_t session_cnt[VOS_MAX_CONCURRENCY_PERSONA];
-	v_U32_t channels[VOS_MAX_CONCURRENCY_PERSONA];
+	v_U8_t session_cnt[VOS_MAX_CONCURRENCY_PERSONA + 1];
+	v_U32_t channels[VOS_MAX_CONCURRENCY_PERSONA + 1];
 	v_U8_t chan_cnt = 0;
 
 	if (session_count <= 0)
@@ -2319,7 +2319,8 @@ static VOS_STATUS sap_check_mcc_valid(
 				break;
 			}
 		}
-		if (j >= chan_cnt) {
+		if ((j >= chan_cnt) &&
+		    (chan_cnt < (VOS_MAX_CONCURRENCY_PERSONA + 1))) {
 			channels[chan_cnt] = info->och;
 			session_cnt[chan_cnt] = 1;
 			chan_cnt++;
author	Liangwei Dong <liangwei@codeaurora.org>	2017-09-06 01:30:31 -0400
committer	snandini <snandini@codeaurora.org>	2017-09-20 03:13:52 -0700
commit	ed870840c7867c74d999c65e5ae9526acf2e90df (patch)
tree	27c30e2b36c4fe0d058661dcace7086b3e96bb43
parent	67e7a8a9d93a16e6ac3eea18cb9d3856f219b354 (diff)