wlan: Fixes for WDI, DXE, VOSS, TL & utils
Fixes on host modules WDI, DXE,VOSS, TL & utils
CRs-fixed: 466197
Change-Id: I5f7c23f61de74c7fb04add1cfb033ddc6171ef1e
diff --git a/CORE/DXE/src/wlan_qct_dxe.c b/CORE/DXE/src/wlan_qct_dxe.c
index 2e9b8c5..f99adc1 100644
--- a/CORE/DXE/src/wlan_qct_dxe.c
+++ b/CORE/DXE/src/wlan_qct_dxe.c
@@ -335,6 +335,13 @@
wpt_status status = eWLAN_PAL_STATUS_SUCCESS;
wpt_uint32 regValue = 0;
+ if(channelEntry->channelType > WDTS_CHANNEL_RX_HIGH_PRI)
+ {
+ HDXE_MSG(eWLAN_MODULE_DAL_DATA, eWLAN_PAL_TRACE_LEVEL_FATAL,
+ "INVALID Channel type");
+ return eWLAN_PAL_STATUS_E_INVAL;
+ }
+
HDXE_MSG(eWLAN_MODULE_DAL_DATA, eWLAN_PAL_TRACE_LEVEL_FATAL,
"%s Channel register dump for %s, base address 0x%x",
channelType[channelEntry->channelType],
diff --git a/CORE/MAC/src/include/sirParams.h b/CORE/MAC/src/include/sirParams.h
index 23da65c..b3d9018 100644
--- a/CORE/MAC/src/include/sirParams.h
+++ b/CORE/MAC/src/include/sirParams.h
@@ -93,8 +93,8 @@
SAP32STA = 5,
TDLS = 6,
P2P_GO_NOA_DECOUPLE_INIT_SCAN = 7,
- WLANACTIVE_OFFLOAD = 8,
- MAX_FEATURE_SUPPORTED = 128,
+ WLANACTIVE_OFFLOAD = 8
+ //MAX_FEATURE_SUPPORTED = 128
} placeHolderInCapBitmap;
typedef enum eSriLinkState {
diff --git a/CORE/TL/src/wlan_qct_tl.c b/CORE/TL/src/wlan_qct_tl.c
index e5ac9cb..101fe09 100644
--- a/CORE/TL/src/wlan_qct_tl.c
+++ b/CORE/TL/src/wlan_qct_tl.c
@@ -7264,6 +7264,13 @@
return VOS_STATUS_E_FAULT;
}
+ if(WLANTL_STA_ID_INVALID(ucSTAId))
+ {
+ TLLOGE(VOS_TRACE(VOS_MODULE_ID_TL, VOS_TRACE_LEVEL_ERROR,"ucSTAId %d is not valid",
+ ucSTAId));
+ return VOS_STATUS_E_INVAL;
+ }
+
pClientSTA = pTLCb->atlSTAClients[ucSTAId];
if ( NULL == pClientSTA )
@@ -7890,7 +7897,13 @@
// Extract the message from the message body
FlushACRspPtr = (tpFlushACRsp)(message->bodyptr);
// Make sure the call back function is not null.
- VOS_ASSERT(pTLCb->tlBAPClient.pfnFlushOpCompleteCb != NULL);
+ if ( NULL == pTLCb->tlBAPClient.pfnFlushOpCompleteCb )
+ {
+ VOS_ASSERT(0);
+ TLLOGE(VOS_TRACE( VOS_MODULE_ID_TL, VOS_TRACE_LEVEL_ERROR,
+ "WLAN TL:Invalid TL pointer pfnFlushOpCompleteCb"));
+ return VOS_STATUS_E_FAULT;
+ }
TLLOG2(VOS_TRACE(VOS_MODULE_ID_TL, VOS_TRACE_LEVEL_INFO_HIGH,
"Received message: Flush complete received by TL"));
@@ -9773,10 +9786,13 @@
"STA ID: %d on WLAN_TLGetNextTxIds", *pucSTAId));
pTLCb->ucCurrentSTA = ucNextSTA;
break;
- } else
+ }
+ else
+ {
TLLOG2(VOS_TRACE( VOS_MODULE_ID_TL, VOS_TRACE_LEVEL_INFO_HIGH,
"%s Sta %d is not in auth state, skipping this sta.",
__func__, ucNextSTA));
+ }
}
}
diff --git a/CORE/VOSS/src/vos_nvitem.c b/CORE/VOSS/src/vos_nvitem.c
index 42fac3a..b98b777 100644
--- a/CORE/VOSS/src/vos_nvitem.c
+++ b/CORE/VOSS/src/vos_nvitem.c
@@ -828,6 +828,13 @@
pHddCtx = vos_get_context(VOS_MODULE_ID_HDD, pVosContext);
else
return VOS_STATUS_E_EXISTS;
+ if (NULL == pHddCtx)
+ {
+ VOS_TRACE( VOS_MODULE_ID_VOSS, VOS_TRACE_LEVEL_ERROR,
+ ("Invalid pHddCtx pointer\r\n") );
+ return VOS_STATUS_E_FAULT;
+ }
+
wiphy = pHddCtx->wiphy;
init_completion(&pHddCtx->driver_crda_req);
regulatory_hint(wiphy, countryCode);
@@ -1295,7 +1302,7 @@
status = VOS_STATUS_E_INVAL;
}
else {
- memcpy(outputVoidBuffer,&gnvEFSTable->halnv.tables.pktTypePwrLimits[0][0],bufferSize);
+ memcpy(outputVoidBuffer,gnvEFSTable->halnv.tables.pktTypePwrLimits,bufferSize);
}
break;
case VNV_OFDM_CMD_PWR_OFFSET:
@@ -1523,7 +1530,7 @@
status = VOS_STATUS_E_INVAL;
}
else {
- memcpy(&gnvEFSTable->halnv.tables.pktTypePwrLimits[0][0],inputVoidBuffer,bufferSize);
+ memcpy(gnvEFSTable->halnv.tables.pktTypePwrLimits,inputVoidBuffer,bufferSize);
}
break;
diff --git a/CORE/VOSS/src/vos_trace.c b/CORE/VOSS/src/vos_trace.c
index aaaa42a..13ffded 100644
--- a/CORE/VOSS/src/vos_trace.c
+++ b/CORE/VOSS/src/vos_trace.c
@@ -269,8 +269,11 @@
(char *) gVosTraceInfo[ module ].moduleNameStr );
// print the formatted log message after the prefix string.
- vsnprintf(strBuffer + n, VOS_TRACE_BUFFER_SIZE - n, strFormat, val );
- pr_err("%s\n", strBuffer);
+ if (n < VOS_TRACE_BUFFER_SIZE)
+ {
+ vsnprintf(strBuffer + n, VOS_TRACE_BUFFER_SIZE - n, strFormat, val );
+ pr_err("%s\n", strBuffer);
+ }
va_end( val);
}
}
diff --git a/CORE/WDI/CP/src/wlan_qct_wdi.c b/CORE/WDI/CP/src/wlan_qct_wdi.c
index 0a3da47..738d9f0 100644
--- a/CORE/WDI/CP/src/wlan_qct_wdi.c
+++ b/CORE/WDI/CP/src/wlan_qct_wdi.c
@@ -7697,9 +7697,18 @@
uMsgSize);
}else
#endif
- wpalMemoryCopy( pSendBuffer+usDataOffset,
- &halConfigBssReqMsg.uBssParams.configBssParams,
- uMsgSize);
+ {
+ if ( uMsgSize <= sizeof(tConfigBssParams) )
+ {
+ wpalMemoryCopy( pSendBuffer+usDataOffset,
+ &halConfigBssReqMsg.uBssParams.configBssParams,
+ uMsgSize);
+ }
+ else
+ {
+ return WDI_STATUS_E_FAILURE;
+ }
+ }
pWDICtx->wdiReqStatusCB = pwdiConfigBSSParams->wdiReqStatusCB;
pWDICtx->pReqStatusUserData = pwdiConfigBSSParams->pUserData;
diff --git a/CORE/WDI/WPAL/src/wlan_qct_pal_trace.c b/CORE/WDI/WPAL/src/wlan_qct_pal_trace.c
index eba60aa..914e00f 100644
--- a/CORE/WDI/WPAL/src/wlan_qct_pal_trace.c
+++ b/CORE/WDI/WPAL/src/wlan_qct_pal_trace.c
@@ -284,8 +284,11 @@
// print the formatted log message after the prefix string.
// note we reserve space for the terminating NUL
- vsnprintf(strBuffer + n, WPAL_TRACE_BUFFER_SIZE - n - 1, strFormat, val);
- wpalOutput(level, strBuffer);
+ if (n < WPAL_TRACE_BUFFER_SIZE)
+ {
+ vsnprintf(strBuffer + n, WPAL_TRACE_BUFFER_SIZE - n - 1, strFormat, val);
+ wpalOutput(level, strBuffer);
+ }
va_end(val);
}
}
diff --git a/riva/inc/wlan_hal_msg.h b/riva/inc/wlan_hal_msg.h
index f29aaf6..2e5be56 100644
--- a/riva/inc/wlan_hal_msg.h
+++ b/riva/inc/wlan_hal_msg.h
@@ -18,6 +18,7 @@
* TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
+
/*==========================================================================
*
* @file: wlan_hal_msg.h
@@ -26,7 +27,7 @@
*
* @author: Kumar Anand
*
- * Copyright (C) 2010, Qualcomm, Inc.
+ * Copyright (C) 2010, Qualcomm Technologies, Inc.
* All rights reserved.
*
*=========================================================================*/
@@ -356,7 +357,7 @@
WLAN_HAL_GET_ROAM_RSSI_REQ = 185,
WLAN_HAL_GET_ROAM_RSSI_RSP = 186,
-
+
WLAN_HAL_CLASS_B_STATS_IND = 187,
WLAN_HAL_DEL_BA_IND = 188,
WLAN_HAL_DHCP_START_IND = 189,
@@ -5559,8 +5560,8 @@
BCN_FILTER = 19,
RTT = 20,
RATECTRL = 21,
- WOW = 22,
- MAX_FEATURE_SUPPORTED = 128,
+ WOW = 22
+ //MAX_FEATURE_SUPPORTED = 128
} placeHolderInCapBitmap;
typedef PACKED_PRE struct PACKED_POST{