From 28ca97e82100a7d8a6e5bb60266d24166b2250da Mon Sep 17 00:00:00 2001 From: Hanumantha Reddy Pothula Date: Thu, 7 Apr 2016 12:07:47 +0530 Subject: qcacld-2.0: Resolve static analysis issues prima to qcacld-2.0 propagation Resolved static analysis issues, variable initialization, return on failure, validate data before using. Change-Id: Ia6ffd422ae3f9bc8419f32aa914839a091841335 CRs-Fixed: 975049 --- CORE/HDD/src/wlan_hdd_cfg80211.c | 3 ++- CORE/MAC/src/pe/lim/limProcessMlmRspMessages.c | 1 + CORE/SYS/legacy/src/utils/src/parserApi.c | 18 +++++++++++------- 3 files changed, 14 insertions(+), 8 deletions(-) diff --git a/CORE/HDD/src/wlan_hdd_cfg80211.c b/CORE/HDD/src/wlan_hdd_cfg80211.c index b30f45e714d4..f77e2946abd4 100644 --- a/CORE/HDD/src/wlan_hdd_cfg80211.c +++ b/CORE/HDD/src/wlan_hdd_cfg80211.c @@ -22564,7 +22564,8 @@ static int __wlan_hdd_cfg80211_tdls_oper(struct wiphy *wiphy, { VOS_STATUS status; unsigned long rc; - tCsrTdlsLinkEstablishParams tdlsLinkEstablishParams; + tCsrTdlsLinkEstablishParams tdlsLinkEstablishParams = { {0}, 0, + 0, 0, 0, 0, 0, 0, {0}, 0, {0} }; pTdlsPeer = wlan_hdd_tdls_find_peer(pAdapter, peer, TRUE); if (NULL == pTdlsPeer) diff --git a/CORE/MAC/src/pe/lim/limProcessMlmRspMessages.c b/CORE/MAC/src/pe/lim/limProcessMlmRspMessages.c index bc7240abdadd..64939fe8a436 100644 --- a/CORE/MAC/src/pe/lim/limProcessMlmRspMessages.c +++ b/CORE/MAC/src/pe/lim/limProcessMlmRspMessages.c @@ -1180,6 +1180,7 @@ limProcessMlmAuthInd(tpAniSirGlobal pMac, tANI_U32 *pMsgBuf) // Log error limLog(pMac, LOGP, FL("call to AllocateMemory failed for eWNI_SME_AUTH_IND")); + return; } limCopyU16((tANI_U8 *) &pSirSmeAuthInd->messageType, eWNI_SME_AUTH_IND); limAuthIndSerDes(pMac, (tpLimMlmAuthInd) pMsgBuf, diff --git a/CORE/SYS/legacy/src/utils/src/parserApi.c b/CORE/SYS/legacy/src/utils/src/parserApi.c index f1c5a2082fe3..a368dec38974 100644 --- a/CORE/SYS/legacy/src/utils/src/parserApi.c +++ b/CORE/SYS/legacy/src/utils/src/parserApi.c @@ -3327,15 +3327,19 @@ sirFillBeaconMandatoryIEforEseBcnReport(tpAniSirGlobal pMac, retStatus = eSIR_FAILURE; goto err_bcnrep; } - *pos = SIR_MAC_RATESET_EID; - pos++; - *pos = eseBcnReportMandatoryIe.supportedRates.numRates; - pos++; - vos_mem_copy(pos, + if (eseBcnReportMandatoryIe.supportedRates.numRates <= + SIR_MAC_RATESET_EID_MAX) { + *pos = SIR_MAC_RATESET_EID; + pos++; + *pos = eseBcnReportMandatoryIe.supportedRates.numRates; + pos++; + vos_mem_copy(pos, (tANI_U8*)eseBcnReportMandatoryIe.supportedRates.rate, eseBcnReportMandatoryIe.supportedRates.numRates); - pos += eseBcnReportMandatoryIe.supportedRates.numRates; - freeBytes -= (1 + 1 + eseBcnReportMandatoryIe.supportedRates.numRates); + pos += eseBcnReportMandatoryIe.supportedRates.numRates; + freeBytes -= (1 + 1 + + eseBcnReportMandatoryIe.supportedRates.numRates); + } } /* Fill FH Parameter set IE */ -- cgit v1.2.3