qcacld-3.0: Add sanity check for key_nai_length to prevent int underflow
In function csr_update_fils_params_rso, fils_info->key_nai_length
is used to calculate username_length and then subsequently to
calculate realm_len. If the value of key_nai_length received from
the framework is 0, the value of username_length would also be 0
thereby making realm_len as -1. However since realm_len is uint32,
the int value would underflow to a very large value leading to crash
at qdf_mem_copy.
Add sanity check to return if the value of key_nai_length is 0
or if the pointer to keyname_nai is NULL.
Change-Id: I9bfaa8f3be608bd90a0cd818be6627c9f12217c8
CRs-Fixed: 2141458
1 file changed