From 1a3baa8cf476dc0e4282aa42e68b47ee82739665 Mon Sep 17 00:00:00 2001 From: Sushant Kaushik Date: Thu, 26 Jun 2014 11:21:12 +0530 Subject: wlan: Scan Failure due to uninitialized variable. During set key operation , key length is not set properly when encry type is None. As a result some time Key's length takes a garbage value . Driver only accepts key length as as 0 , when encry type is none , hence setKeyConetxt is freed when Key length is garbage, resulting in all operation being blocked in Sme_active queue. Change-Id: I3bb363b512a9436a1e388c2ae48fc8e997b584e6 CRs-Fixed: 685828 --- CORE/SME/src/csr/csrApiRoam.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/CORE/SME/src/csr/csrApiRoam.c b/CORE/SME/src/csr/csrApiRoam.c index 45e2570a6dd7..7aa6912bf0ef 100644 --- a/CORE/SME/src/csr/csrApiRoam.c +++ b/CORE/SME/src/csr/csrApiRoam.c @@ -8653,6 +8653,7 @@ static eHalStatus csrRoamIssueSetKeyCommand( tpAniSirGlobal pMac, tANI_U32 sessi status = eHAL_STATUS_RESOURCES; break; } + vos_mem_zero(pCommand, sizeof(tSmeCmd)); pCommand->command = eSmeCommandSetKey; pCommand->sessionId = (tANI_U8)sessionId; // validate the key length, Adjust if too long... @@ -14032,6 +14033,8 @@ eHalStatus csrSendMBSetContextReqMsg( tpAniSirGlobal pMac, tANI_U32 sessionId, tANI_U8 *pBuf = NULL; tANI_U8 *p = NULL; tCsrRoamSession *pSession = CSR_GET_SESSION( pMac, sessionId ); + smsLog( pMac, LOG1, FL("keylength is %d, Encry type is : %d"), + keyLength, edType); do { if( ( 1 != numKeys ) && ( 0 != numKeys ) ) break; // all of these fields appear in every SET_CONTEXT message. Below we'll add in the size for each -- cgit v1.2.3