wlan: Array out of bound due to invalid session Id In background scanning, csrNeighborRoamIssueBgScanRequest passes CSR_SESSION_ID_INVALID(0xFF) as argument-sessionId to csrScanRequest(). In csrRoamGetConnectState roamSession points to sessions up to max 5. Invalid session id 0xFF results in page fault error. Fix this by adding session id validity check and return appropriate error status to the calling function. Change-Id: I9d5c39311695ac168487e094728595f792549142 CRs-Fixed: 453007

commit: c84c57cfc75218e0df2ae30a2273f14c87bdeef2 [log] [tgz]
author: Srinivas Girigowda <c_sgirig@qca.qualcomm.com> Tue Feb 19 17:41:56 2013 -0800
committer: Gopichand Nakkala <gnakkala@qca.qualcomm.com> Mon Feb 25 21:56:19 2013 -0800
tree: 69202dc7b2fb49263e1dfd53e47acf9dd72186e9
parent: a3ed0a38d87c2c3d563d2c927e85f875424f5771 [diff] [blame]
diff --git a/CORE/SME/src/csr/csrApiScan.c b/CORE/SME/src/csr/csrApiScan.c
index 7657411..970be45 100755
--- a/CORE/SME/src/csr/csrApiScan.c
+++ b/CORE/SME/src/csr/csrApiScan.c

@@ -743,7 +743,8 @@
                                   For BTC with A2DP up: Channel time will not be doubled, if station is already associated.
                                */
                 status = csrRoamGetConnectState(pMac,sessionId,&ConnectState);
-                if(pMac->btc.fA2DPUp && 
+                if (HAL_STATUS_SUCCESS(status) &&
+                    pMac->btc.fA2DPUp &&
                    (eCSR_ASSOC_STATE_TYPE_INFRA_ASSOCIATED != ConnectState) &&
                    (eCSR_ASSOC_STATE_TYPE_IBSS_CONNECTED != ConnectState))
                 {
commit	c84c57cfc75218e0df2ae30a2273f14c87bdeef2	[log] [tgz]
author	Srinivas Girigowda <c_sgirig@qca.qualcomm.com>	Tue Feb 19 17:41:56 2013 -0800
committer	Gopichand Nakkala <gnakkala@qca.qualcomm.com>	Mon Feb 25 21:56:19 2013 -0800
tree	69202dc7b2fb49263e1dfd53e47acf9dd72186e9
parent	a3ed0a38d87c2c3d563d2c927e85f875424f5771 [diff] [blame]