wlan: Validate ops functions for NULL pointer de-reference
Access to driver data structures during driver load unload,
results in kernel panic.
To mitigate the issue, validate the context before accessing
driver data structures.
Change-Id: I5a513c491c73c8ab0514597839d19fcc5d80eaf8
CRs-Fixed: 787915
diff --git a/CORE/HDD/src/wlan_hdd_cfg80211.c b/CORE/HDD/src/wlan_hdd_cfg80211.c
index 1f99c6d..a0e00d3 100644
--- a/CORE/HDD/src/wlan_hdd_cfg80211.c
+++ b/CORE/HDD/src/wlan_hdd_cfg80211.c
@@ -7619,7 +7619,6 @@
"%s: HDD context is not valid", __func__);
return ret;
}
-
MTRACE(vos_trace(VOS_MODULE_ID_HDD,
TRACE_CODE_HDD_CFG80211_CHANGE_BSS,
pAdapter->sessionId, params->ap_isolate));
@@ -8307,7 +8306,7 @@
struct station_parameters *params)
{
VOS_STATUS status = VOS_STATUS_SUCCESS;
- hdd_adapter_t *pAdapter = WLAN_HDD_GET_PRIV_PTR( dev );
+ hdd_adapter_t *pAdapter;
hdd_context_t *pHddCtx;
hdd_station_ctx_t *pHddStaCtx;
v_MACADDR_t STAMacAddress;
@@ -8317,8 +8316,9 @@
tANI_U8 isBufSta = 0;
tANI_U8 isOffChannelSupported = 0;
#endif
- ENTER();
+ ENTER();
+ pAdapter = WLAN_HDD_GET_PRIV_PTR(dev);
if ((NULL == pAdapter))
{
VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_FATAL,
@@ -8347,7 +8347,6 @@
"invalid HDD station context");
return -EINVAL;
}
-
vos_mem_copy(STAMacAddress.bytes, mac, sizeof(v_MACADDR_t));
if ((pAdapter->device_mode == WLAN_HDD_SOFTAP)
@@ -13477,11 +13476,28 @@
static int __wlan_hdd_cfg80211_add_station(struct wiphy *wiphy,
struct net_device *dev, u8 *mac, struct station_parameters *params)
{
- hdd_adapter_t *pAdapter = WLAN_HDD_GET_PRIV_PTR(dev);
+ hdd_adapter_t *pAdapter;
+ hdd_context_t *pHddCtx;
int status = -EPERM;
#ifdef FEATURE_WLAN_TDLS
u32 mask, set;
+
ENTER();
+ pAdapter = WLAN_HDD_GET_PRIV_PTR(dev);
+ if (NULL == pAdapter)
+ {
+ VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR,
+ "%s: Adapter is NULL",__func__);
+ return -EINVAL;
+ }
+ pHddCtx = WLAN_HDD_GET_CTX(pAdapter);
+ status = wlan_hdd_validate_context(pHddCtx);
+ if (0 != status)
+ {
+ VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR,
+ "%s: HDD context is not valid",__func__);
+ return status;
+ }
MTRACE(vos_trace(VOS_MODULE_ID_HDD,
TRACE_CODE_HDD_CFG80211_ADD_STA,
@@ -13723,7 +13739,6 @@
hddLog(VOS_TRACE_LEVEL_ERROR, "%s: Adapter is NULL", __func__);
return -ENODEV;
}
-
pHddCtx = WLAN_HDD_GET_CTX(pAdapter);
ret = wlan_hdd_validate_context(pHddCtx);
if (0 != ret)
@@ -13732,8 +13747,12 @@
"%s: HDD context is not valid", __func__);
return ret;
}
-
pHddStaCtx = WLAN_HDD_GET_STATION_CTX_PTR(pAdapter);
+ if (NULL == pHddStaCtx)
+ {
+ hddLog(VOS_TRACE_LEVEL_ERROR, "%s: STA Context is NULL", __func__);
+ return -EINVAL;
+ }
MTRACE(vos_trace(VOS_MODULE_ID_HDD,
TRACE_CODE_HDD_CFG80211_UPDATE_FT_IES,
@@ -14335,8 +14354,8 @@
#endif
{
- hdd_adapter_t *pAdapter = WLAN_HDD_GET_PRIV_PTR(dev);
- hdd_context_t *pHddCtx = wiphy_priv(wiphy);
+ hdd_adapter_t *pAdapter;
+ hdd_context_t *pHddCtx;
u8 peerMac[6];
VOS_STATUS status;
int max_sta_failed = 0;
@@ -14348,16 +14367,23 @@
#endif
tANI_U16 numCurrTdlsPeers;
+ pAdapter = WLAN_HDD_GET_PRIV_PTR(dev);
+ if (NULL == pAdapter)
+ {
+ VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR,
+ "%s: Adapter is NULL",__func__);
+ return -EINVAL;
+ }
MTRACE(vos_trace(VOS_MODULE_ID_HDD,
TRACE_CODE_HDD_CFG80211_TDLS_MGMT,
pAdapter->sessionId, action_code));
+ pHddCtx = wiphy_priv(wiphy);
if (NULL == pHddCtx || NULL == pHddCtx->cfg_ini)
{
VOS_TRACE( VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR,
"Invalid arguments");
return -EINVAL;
}
-
if (pHddCtx->isLogpInProgress)
{
VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR,
@@ -14368,7 +14394,12 @@
eTDLS_LINK_UNSPECIFIED);
return -EBUSY;
}
-
+ if (WLAN_HDD_IS_LOAD_UNLOAD_IN_PROGRESS(pHddCtx))
+ {
+ VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR,
+ "%s: Unloading/Loading in Progress. Ignore!!!", __func__);
+ return -EAGAIN;
+ }
if (eTDLS_SUPPORT_NOT_ENABLED == pHddCtx->tdls_mode)
{
VOS_TRACE( VOS_MODULE_ID_HDD, TDLS_LOG_LEVEL,
@@ -15740,25 +15771,10 @@
VOS_STATUS status = VOS_STATUS_SUCCESS;
ENTER();
-
- if ( NULL == pHddCtx )
- {
- VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_FATAL,
- "%s: HddCtx validation failed", __func__);
- return 0;
- }
-
- if (pHddCtx->isLogpInProgress)
+ if (0 != wlan_hdd_validate_context(pHddCtx))
{
VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR,
- "%s: LOGP in Progress. Ignore!!!", __func__);
- return 0;
- }
-
- if (WLAN_HDD_IS_LOAD_UNLOAD_IN_PROGRESS(pHddCtx))
- {
- VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR,
- "%s: Unloading/Loading in Progress. Ignore!!!", __func__);
+ "%s: Hdd Context is invalid", __func__);
return 0;
}
diff --git a/CORE/HDD/src/wlan_hdd_debugfs.c b/CORE/HDD/src/wlan_hdd_debugfs.c
index 8504057..7b8d044 100644
--- a/CORE/HDD/src/wlan_hdd_debugfs.c
+++ b/CORE/HDD/src/wlan_hdd_debugfs.c
@@ -37,20 +37,27 @@
static ssize_t __wcnss_wowenable_write(struct file *file,
const char __user *buf, size_t count, loff_t *ppos)
{
- hdd_adapter_t *pAdapter = (hdd_adapter_t *)file->private_data;
-
+ hdd_adapter_t *pAdapter;
+ hdd_context_t *pHddCtx;
char cmd[MAX_USER_COMMAND_SIZE_WOWL_ENABLE + 1];
char *sptr, *token;
v_U8_t wow_enable = 0;
v_U8_t wow_mp = 0;
v_U8_t wow_pbm = 0;
+ pAdapter = (hdd_adapter_t *)file->private_data;
if ((NULL == pAdapter) || (WLAN_HDD_ADAPTER_MAGIC != pAdapter->magic))
{
VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_FATAL,
"%s: Invalid adapter or adapter has invalid magic.",
__func__);
-
+ return -EINVAL;
+ }
+ pHddCtx = WLAN_HDD_GET_CTX(pAdapter);
+ if (0 != wlan_hdd_validate_context(pHddCtx))
+ {
+ VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR,
+ "%s: HDD context is not valid",__func__);
return -EINVAL;
}
@@ -142,8 +149,8 @@
static ssize_t __wcnss_wowpattern_write(struct file *file,
const char __user *buf, size_t count, loff_t *ppos)
{
- hdd_adapter_t *pAdapter = (hdd_adapter_t *)file->private_data;
-
+ hdd_adapter_t *pAdapter;
+ hdd_context_t *pHddCtx;
char cmd[MAX_USER_COMMAND_SIZE_WOWL_PATTERN + 1];
char *sptr, *token;
v_U8_t pattern_idx = 0;
@@ -151,6 +158,7 @@
char *pattern_buf;
char *pattern_mask;
+ pAdapter = (hdd_adapter_t *)file->private_data;
if ((NULL == pAdapter) || (WLAN_HDD_ADAPTER_MAGIC != pAdapter->magic))
{
VOS_TRACE( VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_FATAL,
@@ -159,7 +167,13 @@
return -EINVAL;
}
-
+ pHddCtx = WLAN_HDD_GET_CTX(pAdapter);
+ if (0 != wlan_hdd_validate_context(pHddCtx))
+ {
+ VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR,
+ "%s: HDD context is not valid",__func__);
+ return -EINVAL;
+ }
if (!sme_IsFeatureSupportedByFW(WOW))
{
VOS_TRACE( VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR,
@@ -241,11 +255,10 @@
static ssize_t __wcnss_patterngen_write(struct file *file,
const char __user *buf, size_t count, loff_t *ppos)
{
- hdd_adapter_t *pAdapter = (hdd_adapter_t *)file->private_data;
+ hdd_adapter_t *pAdapter;
hdd_context_t *pHddCtx;
tSirAddPeriodicTxPtrn *addPeriodicTxPtrnParams;
tSirDelPeriodicTxPtrn *delPeriodicTxPtrnParams;
-
char *cmd, *sptr, *token;
v_U8_t pattern_idx = 0;
v_U8_t pattern_duration = 0;
@@ -253,6 +266,7 @@
v_U16_t pattern_len = 0;
v_U16_t i = 0;
+ pAdapter = (hdd_adapter_t *)file->private_data;
if ((NULL == pAdapter) || (WLAN_HDD_ADAPTER_MAGIC != pAdapter->magic))
{
VOS_TRACE( VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_FATAL,
@@ -261,8 +275,13 @@
return -EINVAL;
}
-
pHddCtx = WLAN_HDD_GET_CTX(pAdapter);
+ if (0 != wlan_hdd_validate_context(pHddCtx))
+ {
+ VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR,
+ "%s: HDD context is not valid",__func__);
+ return -EINVAL;
+ }
if (!sme_IsFeatureSupportedByFW(WLAN_PERIODIC_TX_PTRN))
{
@@ -458,6 +477,25 @@
static int __wcnss_debugfs_open(struct inode *inode, struct file *file)
{
+ hdd_adapter_t *pAdapter;
+ hdd_context_t *pHddCtx;
+
+ pAdapter = (hdd_adapter_t *)file->private_data;
+ if ((NULL == pAdapter) || (WLAN_HDD_ADAPTER_MAGIC != pAdapter->magic))
+ {
+ VOS_TRACE( VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_FATAL,
+ "%s: Invalid adapter or adapter has invalid magic.",
+ __func__);
+ return -EINVAL;
+ }
+ pHddCtx = WLAN_HDD_GET_CTX(pAdapter);
+ if (0 != wlan_hdd_validate_context(pHddCtx))
+ {
+ VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR,
+ "%s: HDD context is not valid",__func__);
+ return -EINVAL;
+ }
+
if (inode->i_private)
{
file->private_data = inode->i_private;
diff --git a/CORE/HDD/src/wlan_hdd_dev_pwr.c b/CORE/HDD/src/wlan_hdd_dev_pwr.c
index 469a663..616c526 100644
--- a/CORE/HDD/src/wlan_hdd_dev_pwr.c
+++ b/CORE/HDD/src/wlan_hdd_dev_pwr.c
@@ -332,11 +332,13 @@
VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_INFO, "%s: WLAN suspended by platform driver",__func__);
/* Get the HDD context */
- if(!pHddCtx) {
- VOS_TRACE(VOS_MODULE_ID_HDD,VOS_TRACE_LEVEL_FATAL,"%s: HDD context is Null",__func__);
- return 0;
+ ret = wlan_hdd_validate_context(pHddCtx);
+ if (0 != ret)
+ {
+ VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR,
+ "%s: HDD context is not valid",__func__);
+ return ret;
}
-
if(pHddCtx->isWlanSuspended == TRUE)
{
VOS_TRACE(VOS_MODULE_ID_HDD,VOS_TRACE_LEVEL_FATAL,"%s: WLAN is already in suspended state",__func__);
@@ -385,11 +387,18 @@
int __hddDevResumeHdlr(struct device *dev)
{
hdd_context_t* pHddCtx = NULL;
-
- pHddCtx = (hdd_context_t*)wcnss_wlan_get_drvdata(dev);
+ int ret = 0;
VOS_TRACE(VOS_MODULE_ID_HDD,VOS_TRACE_LEVEL_INFO, "%s: WLAN being resumed by Android OS",__func__);
+ pHddCtx = (hdd_context_t*)wcnss_wlan_get_drvdata(dev);
+ ret = wlan_hdd_validate_context(pHddCtx);
+ if (0 != ret)
+ {
+ VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR,
+ "%s: HDD context is not valid ",__func__);
+ return ret;
+ }
if(pHddCtx->isWlanSuspended != TRUE)
{
VOS_TRACE(VOS_MODULE_ID_HDD,VOS_TRACE_LEVEL_FATAL,"%s: WLAN is already in resumed state",__func__);
diff --git a/CORE/HDD/src/wlan_hdd_ftm.c b/CORE/HDD/src/wlan_hdd_ftm.c
index fbf7413..2f730f0 100644
--- a/CORE/HDD/src/wlan_hdd_ftm.c
+++ b/CORE/HDD/src/wlan_hdd_ftm.c
@@ -4863,6 +4863,7 @@
char *param;
VOS_STATUS status;
hdd_adapter_t *pAdapter;
+ hdd_context_t *pHddCtx;
struct iw_point s_priv_data;
ret =0;
@@ -4878,9 +4879,23 @@
return -EINVAL;
}
+ pAdapter = (hdd_adapter_t *)netdev_priv(dev);
+ if (NULL == pAdapter)
+ {
+ VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR,
+ "%s: Adapter is NULL",__func__);
+ return -EINVAL;
+ }
+ pHddCtx = WLAN_HDD_GET_CTX(pAdapter);
+ ret = wlan_hdd_validate_context(pHddCtx);
+ if (0 != ret)
+ {
+ VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR,
+ "%s: HDD context is not valid",__func__);
+ return ret;
+ }
sub_cmd = s_priv_data.flags;
length = s_priv_data.length;
- pAdapter = (hdd_adapter_t *)netdev_priv(dev);
/* we cannot use iotctl_private_iw_point in kernel to allocate memory
* to store data from userspace as IW_SETCHAR_GETNONE is defined as
@@ -4965,13 +4980,27 @@
static int __iw_ftm_setint_getnone(struct net_device *dev, struct iw_request_info *info,
union iwreq_data *wrqu, char *extra)
{
- hdd_adapter_t *pAdapter = (netdev_priv(dev));
+ hdd_adapter_t *pAdapter;
+ hdd_context_t *pHddCtx;
int *value = (int *)extra;
int sub_cmd = value[0];
int set_value = value[1];
int ret = 0; /* success */
VOS_STATUS status;
+ pAdapter = (netdev_priv(dev));
+ if (NULL == pAdapter)
+ {
+ hddLog(VOS_TRACE_LEVEL_ERROR, "%s: Adapter is NULL",__func__);
+ return -EINVAL;
+ }
+ pHddCtx = WLAN_HDD_GET_CTX(pAdapter);
+ ret = wlan_hdd_validate_context(pHddCtx);
+ if (0 != ret)
+ {
+ hddLog(VOS_TRACE_LEVEL_ERROR, "%s: HDD context is not valid",__func__);
+ return ret;
+ }
switch(sub_cmd)
{
case WE_FTM_ON_OFF:
@@ -5153,11 +5182,26 @@
static int __iw_ftm_setnone_getint(struct net_device *dev, struct iw_request_info *info,
union iwreq_data *wrqu, char *extra)
{
- hdd_adapter_t *pAdapter = (netdev_priv(dev));
+ hdd_adapter_t *pAdapter;
+ hdd_context_t *pHddCtx;
int *value = (int *)extra;
int ret = 0; /* success */
VOS_STATUS status;
+ pAdapter = (netdev_priv(dev));
+ if (NULL == pAdapter)
+ {
+ hddLog(VOS_TRACE_LEVEL_ERROR, "%s: Adapter is NULL",__func__);
+ return -EINVAL;
+ }
+ pHddCtx = WLAN_HDD_GET_CTX(pAdapter);
+ ret = wlan_hdd_validate_context(pHddCtx);
+ if (0 != ret)
+ {
+ hddLog(VOS_TRACE_LEVEL_ERROR, "%s: HDD context is not valid",__func__);
+ return ret;
+ }
+
switch (value[0])
{
case WE_GET_CHANNEL:
@@ -5220,8 +5264,23 @@
{
int sub_cmd = wrqu->data.flags;
VOS_STATUS status;
- hdd_adapter_t *pAdapter = (netdev_priv(dev));
+ hdd_adapter_t *pAdapter;
+ hdd_context_t *pHddCtx;
+ int ret = 0;
+ pAdapter = (netdev_priv(dev));
+ if (NULL == pAdapter)
+ {
+ hddLog(VOS_TRACE_LEVEL_ERROR, "%s: Adapter is NULL",__func__);
+ return -EINVAL;
+ }
+ pHddCtx = WLAN_HDD_GET_CTX(pAdapter);
+ ret = wlan_hdd_validate_context(pHddCtx);
+ if (0 != ret)
+ {
+ hddLog(VOS_TRACE_LEVEL_ERROR, "%s: HDD context is not valid ",__func__);
+ return ret;
+ }
switch(sub_cmd)
{
case WE_GET_MAC_ADDRESS:
@@ -5413,15 +5472,32 @@
static int __iw_ftm_set_var_ints_getnone(struct net_device *dev, struct iw_request_info *info,
union iwreq_data *wrqu, char *extra)
{
- hdd_adapter_t *pAdapter = (netdev_priv(dev));
+ hdd_adapter_t *pAdapter;
+ hdd_context_t *pHddCtx;
int sub_cmd = wrqu->data.flags;
int *value = (int*)wrqu->data.pointer;
+ int ret = 0;
if(wrqu->data.length != 2)
{
hddLog(LOGE, "Invalid number of Arguments %d \n", wrqu->data.length);
return -EINVAL;
}
+ pAdapter = (netdev_priv(dev));
+ if (NULL == pAdapter)
+ {
+ hddLog(VOS_TRACE_LEVEL_ERROR,
+ "%s: Adapter is NULL",__func__);
+ return -EINVAL;
+ }
+ pHddCtx = WLAN_HDD_GET_CTX(pAdapter);
+ ret = wlan_hdd_validate_context(pHddCtx);
+ if (0 != ret)
+ {
+ hddLog(VOS_TRACE_LEVEL_ERROR,
+ "%s: HDD context is not valid",__func__);
+ return ret;
+ }
switch (sub_cmd)
{
case WE_SET_TX_WF_GAIN:
diff --git a/CORE/HDD/src/wlan_hdd_hostapd.c b/CORE/HDD/src/wlan_hdd_hostapd.c
index f072d20..fe6cdab 100644
--- a/CORE/HDD/src/wlan_hdd_hostapd.c
+++ b/CORE/HDD/src/wlan_hdd_hostapd.c
@@ -574,7 +574,25 @@
static int __hdd_hostapd_set_mac_address(struct net_device *dev, void *addr)
{
struct sockaddr *psta_mac_addr = addr;
+ hdd_adapter_t *pAdapter;
+ hdd_context_t *pHddCtx;
+ int ret = 0;
ENTER();
+ pAdapter = WLAN_HDD_GET_PRIV_PTR(dev);
+ if (NULL == pAdapter)
+ {
+ VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR,
+ "%s: Adapter is NULL",__func__);
+ return -EINVAL;
+ }
+ pHddCtx = WLAN_HDD_GET_CTX(pAdapter);
+ ret = wlan_hdd_validate_context(pHddCtx);
+ if (0 != ret)
+ {
+ VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR,
+ "%s: HDD context is not valid",__func__);
+ return ret;
+ }
memcpy(dev->dev_addr, psta_mac_addr->sa_data, ETH_ALEN);
EXIT();
return 0;
diff --git a/CORE/HDD/src/wlan_hdd_main.c b/CORE/HDD/src/wlan_hdd_main.c
index 8f019c8..4e85979 100755
--- a/CORE/HDD/src/wlan_hdd_main.c
+++ b/CORE/HDD/src/wlan_hdd_main.c
@@ -5892,11 +5892,28 @@
static int __hdd_set_mac_address(struct net_device *dev, void *addr)
{
- hdd_adapter_t *pAdapter = WLAN_HDD_GET_PRIV_PTR(dev);
+ hdd_adapter_t *pAdapter;
+ hdd_context_t *pHddCtx;
struct sockaddr *psta_mac_addr = addr;
eHalStatus halStatus = eHAL_STATUS_SUCCESS;
+ int ret = 0;
ENTER();
+ pAdapter = WLAN_HDD_GET_PRIV_PTR(dev);
+ if (NULL == pAdapter)
+ {
+ VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR,
+ "%s: Adapter is NULL",__func__);
+ return -EINVAL;
+ }
+ pHddCtx = WLAN_HDD_GET_CTX(pAdapter);
+ ret = wlan_hdd_validate_context(pHddCtx);
+ if (0 != ret)
+ {
+ VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR,
+ "%s: HDD context is not valid",__func__);
+ return ret;
+ }
memcpy(&pAdapter->macAddressCurrent, psta_mac_addr->sa_data, ETH_ALEN);
memcpy(dev->dev_addr, psta_mac_addr->sa_data, ETH_ALEN);
@@ -7901,30 +7918,39 @@
\param - dev - Pointer to the WLAN device.
- skb - Pointer to OS packet (sk_buff).
- \return - success/fail
+ \return - success/fail
--------------------------------------------------------------------------*/
static void __hdd_set_multicast_list(struct net_device *dev)
{
- hdd_adapter_t *pAdapter = WLAN_HDD_GET_PRIV_PTR(dev);
+ hdd_adapter_t *pAdapter;
+ hdd_context_t *pHddCtx;
int mc_count;
- int i = 0;
+ int i = 0, ret = 0;
struct netdev_hw_addr *ha;
+ pAdapter = WLAN_HDD_GET_PRIV_PTR(dev);
if (NULL == pAdapter)
{
hddLog(VOS_TRACE_LEVEL_ERROR,
"%s: Adapter context is Null", __func__);
return;
}
-
+ pHddCtx = WLAN_HDD_GET_CTX(pAdapter);
+ ret = wlan_hdd_validate_context(pHddCtx);
+ if (0 != ret)
+ {
+ hddLog(VOS_TRACE_LEVEL_ERROR,
+ "%s: HDD context is not valid",__func__);
+ return;
+ }
if (dev->flags & IFF_ALLMULTI)
{
hddLog(VOS_TRACE_LEVEL_INFO,
"%s: allow all multicast frames", __func__);
pAdapter->mc_addr_list.mc_cnt = 0;
}
- else
+ else
{
mc_count = netdev_mc_count(dev);
hddLog(VOS_TRACE_LEVEL_INFO,
@@ -7945,7 +7971,7 @@
memset(&(pAdapter->mc_addr_list.addr[i][0]), 0, ETH_ALEN);
memcpy(&(pAdapter->mc_addr_list.addr[i][0]), ha->addr, ETH_ALEN);
hddLog(VOS_TRACE_LEVEL_INFO, "%s: mlist[%d] = "MAC_ADDRESS_STR,
- __func__, i,
+ __func__, i,
MAC_ADDR_ARRAY(pAdapter->mc_addr_list.addr[i]));
i++;
}
diff --git a/CORE/HDD/src/wlan_hdd_p2p.c b/CORE/HDD/src/wlan_hdd_p2p.c
index c64e9c0..85a1955 100644
--- a/CORE/HDD/src/wlan_hdd_p2p.c
+++ b/CORE/HDD/src/wlan_hdd_p2p.c
@@ -715,7 +715,25 @@
#if (LINUX_VERSION_CODE >= KERNEL_VERSION(3,6,0))
struct net_device *dev = wdev->netdev;
#endif
- hdd_adapter_t *pAdapter = WLAN_HDD_GET_PRIV_PTR( dev );
+ hdd_adapter_t *pAdapter;
+ hdd_context_t *pHddCtx;
+ int ret = 0;
+
+ pAdapter = WLAN_HDD_GET_PRIV_PTR(dev);
+ if (NULL == pAdapter)
+ {
+ VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR,
+ "%s: Adapter is NULL",__func__);
+ return -EINVAL;
+ }
+ pHddCtx = WLAN_HDD_GET_CTX(pAdapter);
+ ret = wlan_hdd_validate_context(pHddCtx);
+ if (0 != ret)
+ {
+ VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR,
+ "%s: HDD context is not valid",__func__);
+ return ret;
+ }
MTRACE(vos_trace(VOS_MODULE_ID_HDD,
TRACE_CODE_HDD_REMAIN_ON_CHANNEL,