wlan: KW Error Fixes for SME/MAC/SYS/WDA
Change-Id: I0d84f67aee0dd08b483f38e1849659d0c8edcd40
CR-Fixed: 414851
diff --git a/CORE/MAC/src/pe/lim/limScanResultUtils.c b/CORE/MAC/src/pe/lim/limScanResultUtils.c
index 6fdfa8c..facc0b7 100644
--- a/CORE/MAC/src/pe/lim/limScanResultUtils.c
+++ b/CORE/MAC/src/pe/lim/limScanResultUtils.c
@@ -377,11 +377,11 @@
* a SSID (if it is also set). Ignore the other BSS in that case.
*/
- if (((fScanning) && ( pMac->lim.gLimReturnAfterFirstMatch & 0x01 )
+ if ((pMac->lim.gpLimMlmScanReq) && (((fScanning) && ( pMac->lim.gLimReturnAfterFirstMatch & 0x01 )
&& (pMac->lim.gpLimMlmScanReq->numSsid) &&
!limIsScanRequestedSSID(pMac, &pBPR->ssId))
|| (!fFound && (pMac->lim.gpLimMlmScanReq && pMac->lim.gpLimMlmScanReq->bssId) &&
- !palEqualMemory(pMac->hHdd, bssid, &pMac->lim.gpLimMlmScanReq->bssId, 6))
+ !palEqualMemory(pMac->hHdd, bssid, &pMac->lim.gpLimMlmScanReq->bssId, 6)))
)
{
/**
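Review bot: With the new outer `(pMac->lim.gpLimMlmScanReq) &&` at the start of the condition, the inner `pMac->lim.gpLimMlmScanReq &&` test in the `!fFound` branch is redundant and can be dropped. The `pMac->lim.gpLimMlmScanReq->bssId` term beside it looks like an array member, since its address is passed to `palEqualMemory` with length 6. If so, it is always true and does not test whether a BSSID filter was actually requested; this should be confirmed against the struct definition. The condition is now several parentheses deep, so hoisting the request pointer into a local variable would make the guard easier to audit. The enclosing function starts and ends outside the hunk.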
diff --git a/CORE/MAC/src/pe/lim/limUtils.c b/CORE/MAC/src/pe/lim/limUtils.c
index 4960882..5df8708 100644
--- a/CORE/MAC/src/pe/lim/limUtils.c
+++ b/CORE/MAC/src/pe/lim/limUtils.c
@@ -1611,7 +1611,7 @@
PELOGE(limLog(pMac, LOGE, FL(" Session not found\n"));)
return;
}
-
+
palZeroMemory( pMac->hHdd, ( tANI_U8* )&beaconParams, sizeof( tUpdateBeaconParams) );
beaconParams.bssIdx = psessionEntry->bssIdx;
@@ -4079,7 +4079,11 @@
limEnable11aProtection(tpAniSirGlobal pMac, tANI_U8 enable,
tANI_U8 overlap, tpUpdateBeaconParams pBeaconParams,tpPESession psessionEntry)
{
-
+ if(NULL == psessionEntry)
+ {
+ PELOG3(limLog(pMac, LOG3, FL("psessionEntry is NULL\n"));)
+ return eSIR_FAILURE;
+ }
//overlapping protection configuration check.
if(overlap)
{
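Review bot: The new NULL guard at the top of limEnable11aProtection reports the failure through `PELOG3(... LOG3 ...)`, while the "Session not found" path earlier in this file uses `PELOGE`/`LOGE`. `LOG3` appears to be a lower-severity level, so the `eSIR_FAILURE` return may leave no trace in a normal logging configuration. Suggest `PELOGE(limLog(pMac, LOGE, FL("psessionEntry is NULL\n"));)` so that a caller passing a NULL session is visible in the field. The function body continues outside the hunk.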
@@ -4095,7 +4099,7 @@
else
{
//normal protection config check
- if (( psessionEntry != NULL ) && (psessionEntry->limSystemRole == eLIM_AP_ROLE) &&
+ if ((psessionEntry->limSystemRole == eLIM_AP_ROLE) &&
(!psessionEntry->cfgProtection.fromlla))
{
// protection disabled.
diff --git a/CORE/SME/src/QoS/sme_Qos.c b/CORE/SME/src/QoS/sme_Qos.c
index f1fe0b0..9d5006f 100644
--- a/CORE/SME/src/QoS/sme_Qos.c
+++ b/CORE/SME/src/QoS/sme_Qos.c
@@ -3596,7 +3596,15 @@
eHalStatus status = eHAL_STATUS_SUCCESS;
tCsrRoamSession *pCsrSession = CSR_GET_SESSION( pMac, sessionId );
tCsrRoamConnectedInfo *pCsrConnectedInfo = &pCsrSession->connectedInfo;
- tANI_U32 ricRspLen = pCsrConnectedInfo->nRICRspLength;
+ tANI_U32 ricRspLen;
+ /* To silence the KW tool NULL check is added */
+ if(pCsrConnectedInfo == NULL)
+ {
+ VOS_TRACE(VOS_MODULE_ID_SME, VOS_TRACE_LEVEL_ERROR,
+ FL("The connnected info pointer in NULL\n"));
+ return eHAL_STATUS_FAILURE;
+ }
+ ricRspLen = pCsrConnectedInfo->nRICRspLength;
VOS_TRACE(VOS_MODULE_ID_SME, VOS_TRACE_LEVEL_INFO_HIGH,
"%s: %d: invoked on session %d",
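Review bot: The added check tests `pCsrConnectedInfo`, but that pointer is computed as `&pCsrSession->connectedInfo`. It is therefore non-NULL for any member at a non-zero offset even when `CSR_GET_SESSION` returned NULL, and `pCsrConnectedInfo->nRICRspLength` is still reached with an invalid session. Other hunks in this commit treat the `CSR_GET_SESSION` result itself as possibly NULL (`if(!pSession)`), so the guard belongs on `pCsrSession`. Declare `tCsrRoamConnectedInfo *pCsrConnectedInfo;`, test `if(pCsrSession == NULL)`, and assign `pCsrConnectedInfo = &pCsrSession->connectedInfo;` only after the check. The comment should state the condition being guarded rather than the tool being silenced. The function starts and ends outside the hunk.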
diff --git a/CORE/SME/src/csr/csrApiRoam.c b/CORE/SME/src/csr/csrApiRoam.c
index 6e05163..a1bf306 100644
--- a/CORE/SME/src/csr/csrApiRoam.c
+++ b/CORE/SME/src/csr/csrApiRoam.c
@@ -8288,7 +8288,8 @@
break;
case eWNI_SME_DISASSOC_RSP:
- smsLog( pMac, LOGW, FL("eWNI_SME_DISASSOC_RSP from SME subState = %d\n"), pMac->roam.curSubState[sessionId]);
+ /* session id is invalid here so cant use it to access the array curSubstate as index */
+ smsLog( pMac, LOGW, FL("eWNI_SME_DISASSOC_RSP from SME \n"));
#ifdef WLAN_SOFTAP_FEATURE
{
tSirSmeDisassocRsp *pDisassocRsp = (tSirSmeDisassocRsp *)pSirMsg;
@@ -8901,6 +8902,11 @@
tANI_TIMESTAMP roamTime = (tANI_TIMESTAMP)(pMac->roam.configParam.nRoamingTime * PAL_TICKS_PER_SECOND);
tANI_TIMESTAMP curTime = (tANI_TIMESTAMP)palGetTickCount(pMac->hHdd);
tCsrRoamSession *pSession = CSR_GET_SESSION( pMac, sessionId );
+ if(!pSession)
+ {
+ smsLog(pMac, LOGE, FL(" session %d not found "), sessionId);
+ return eANI_BOOLEAN_FALSE;
+ }
//Check whether time is up
if(pSession->fCancelRoaming || fForce ||
((curTime - pSession->roamingStartTime) > roamTime) ||
@@ -9101,6 +9107,13 @@
{
eRoamCmdStatus roamStatus = csrGetRoamCompleteStatus(pMac, sessionId);
tANI_U32 roamId = 0;
+ tCsrRoamSession *pSession = CSR_GET_SESSION( pMac, sessionId );
+ /* To silence the KW tool Null chaeck is added */
+ if(!pSession)
+ {
+ smsLog(pMac, LOGE, FL(" session %d not found "), sessionId);
+ return;
+ }
if(pCommand)
{
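Review bot: The new `pSession` guard runs after `csrGetRoamCompleteStatus(pMac, sessionId)` has already been called in the initializer of `roamStatus`. If that helper looks up the session itself (not visible here), an invalid `sessionId` still reaches it before the early return. Declaring `eRoamCmdStatus roamStatus;` and assigning `roamStatus = csrGetRoamCompleteStatus(pMac, sessionId);` after the guard keeps the validation ahead of every use. The comment `/* To silence the KW tool Null chaeck is added */` recurs in the later csrApiRoam.c hunk and, in similar words, in csrApiScan.c and sme_Qos.c; it records the tool, not the invariant. Something like `/* CSR_GET_SESSION() yields NULL for an unknown session id */` would explain the check, assuming that is the macro's contract. The function continues outside the hunk.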
@@ -9116,7 +9129,7 @@
}
else
{
- VOS_ASSERT((CSR_GET_SESSION( pMac, sessionId ))->bRefAssocStartCnt == 0);
+ VOS_ASSERT(pSession->bRefAssocStartCnt == 0);
smsLog(pMac, LOGW, FL(" indicates association completion. roamResult = %d\n"), roamResult);
csrRoamCallCallback(pMac, sessionId, pRoamInfo, roamId, roamStatus, roamResult);
}
@@ -9130,9 +9143,16 @@
eCsrRoamResult result = eCSR_ROAM_RESULT_LOSTLINK;
tCsrRoamInfo *pRoamInfo = NULL;
tCsrRoamInfo roamInfo;
+ tANI_BOOLEAN fToRoam;
tCsrRoamSession *pSession = CSR_GET_SESSION( pMac, sessionId );
+ /* To silence the KW tool Null chaeck is added */
+ if(!pSession)
+ {
+ smsLog(pMac, LOGE, FL(" session %d not found "), sessionId);
+ return eHAL_STATUS_FAILURE;
+ }
//Only need to roam for infra station. In this case P2P client will roam as well
- tANI_BOOLEAN fToRoam = CSR_IS_INFRASTRUCTURE(&pSession->connectedProfile);
+ fToRoam = CSR_IS_INFRASTRUCTURE(&pSession->connectedProfile);
pSession->fCancelRoaming = eANI_BOOLEAN_FALSE;
if ( eWNI_SME_DISASSOC_IND == type )
{
diff --git a/CORE/SME/src/csr/csrApiScan.c b/CORE/SME/src/csr/csrApiScan.c
index bf04413..7695e02 100644
--- a/CORE/SME/src/csr/csrApiScan.c
+++ b/CORE/SME/src/csr/csrApiScan.c
@@ -567,6 +567,12 @@
static tANI_U8 validchannelList[CSR_MAX_2_4_GHZ_SUPPORTED_CHANNELS] = {0};
VOS_ASSERT(pScanCmd && pScanRequest);
+ /* To silence the KW tool null check is added */
+ if((pScanCmd == NULL) || (pScanRequest == NULL))
+ {
+ smsLog( pMac, LOGE, FL(" pScanCmd or pScanRequest is NULL \n"));
+ return;
+ }
if (pScanCmd->u.scanCmd.scanID ||
(eCSR_SCAN_REQUEST_FULL_SCAN != pScanRequest->requestType))
diff --git a/CORE/SYS/legacy/src/utils/src/parserApi.c b/CORE/SYS/legacy/src/utils/src/parserApi.c
index 180e171..3ef7eba 100644
--- a/CORE/SYS/legacy/src/utils/src/parserApi.c
+++ b/CORE/SYS/legacy/src/utils/src/parserApi.c
@@ -1052,7 +1052,7 @@
}
#ifdef WLAN_SOFTAP_FEATURE
- if(psessionEntry->limSystemRole == eLIM_AP_ROLE ){
+ if((psessionEntry) && (psessionEntry->limSystemRole == eLIM_AP_ROLE)){
CFG_GET_INT( nSirStatus, pMac, WNI_CFG_HT_INFO_FIELD2, nCfgValue );
uHTInfoField2.nCfgValue16 = nCfgValue & 0xFFFF; // this is added for fixing CRs on MDM9K platform - 257951, 259577
diff --git a/CORE/WDA/src/wlan_qct_wda.c b/CORE/WDA/src/wlan_qct_wda.c
index 2979735..125b67f 100644
--- a/CORE/WDA/src/wlan_qct_wda.c
+++ b/CORE/WDA/src/wlan_qct_wda.c
@@ -7553,6 +7553,7 @@
"%s:wdaWdiApiMsgParam is not NULL", __FUNCTION__);
VOS_ASSERT(0);
vos_mem_free(wdiHostOffloadInfo);
+ vos_mem_free(pWdaParams) ;
return VOS_STATUS_E_FAILURE;
}
/* Store param pointer as passed in by caller */
@@ -11666,6 +11667,12 @@
void WDA_stopFailed(v_PVOID_t pVosContext)
{
tWDA_CbContext *pWDA = (tWDA_CbContext *)VOS_GET_WDA_CTXT(pVosContext);
+ if(pWDA == NULL)
+ {
+ VOS_TRACE( VOS_MODULE_ID_WDA, VOS_TRACE_LEVEL_ERROR,
+ "Could not get the WDA Context pointer" );
+ return;
+ }
pWDA->needShutdown = TRUE;
}
/*
@@ -11676,7 +11683,13 @@
v_BOOL_t WDA_needShutdown(v_PVOID_t pVosContext)
{
tWDA_CbContext *pWDA = (tWDA_CbContext *)VOS_GET_WDA_CTXT(pVosContext);
- return pWDA->needShutdown;
+ if(pWDA == NULL)
+ {
+ VOS_TRACE( VOS_MODULE_ID_WDA, VOS_TRACE_LEVEL_ERROR,
+ "Could not get the WDA Context pointer" );
+ return 0;
+ }
+ return pWDA->needShutdown;
}
#ifdef WLAN_FEATURE_11AC
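Review bot: When the WDA context cannot be obtained, `WDA_needShutdown` now returns `0`, reporting that no shutdown is needed, and `WDA_stopFailed` in the previous hunk returns without recording the stop failure. Both therefore fail open on the state they exist to report. Whether a missing context should instead be treated as "shutdown needed" depends on the callers' recovery logic, which is not visible here. The chosen behaviour deserves a comment at the return, for example `/* no WDA context: caller sees "no shutdown needed" (confirm this is intended) */`. A boolean constant would also suit the `v_BOOL_t` return type better than a bare `0`; `TRUE` is already used in `WDA_stopFailed`, so `return FALSE;` would presumably be consistent.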