qcacld-3.0: Fix the possible NULL dereference
qcacld-2.0 to qcacld-3.0 propagation
lim_get_ie_ptr_new will return NULL if the IE parameters
are not valid, so add NULL check for ie_ptr to avoid
NULL dereference
Change-Id: I1ecc8c4ed6456ebcfd85fe62534b9913ba31dcd9
CRs-Fixed: 869026
diff --git a/core/mac/src/pe/lim/lim_process_sme_req_messages.c b/core/mac/src/pe/lim/lim_process_sme_req_messages.c
index f2d1d99..ff4fd61 100644
--- a/core/mac/src/pe/lim/lim_process_sme_req_messages.c
+++ b/core/mac/src/pe/lim/lim_process_sme_req_messages.c
@@ -4766,6 +4766,13 @@
p_ie = lim_get_ie_ptr_new(mac_ctx, ie_params->ie_ptr,
ie_params->ie_len,
DOT11F_EID_HTCAPS, ONE_BYTE);
+ if (NULL == p_ie) {
+ qdf_mem_free(ie_params->ie_ptr);
+ qdf_mem_free(ie_params);
+ lim_log(mac_ctx, LOGE,
+ FL("failed to get IE ptr"));
+ return;
+ }
p_ht_cap = (tHtCaps *)&p_ie[2];
p_ht_cap->supportedMCSSet[1] = 0;
p_ht_cap->txSTBC = 0;
@@ -4835,6 +4842,13 @@
p_ie = lim_get_ie_ptr_new(mac_ctx, ie_params->ie_ptr,
ie_params->ie_len,
DOT11F_EID_VHTCAPS, ONE_BYTE);
+ if (NULL == p_ie) {
+ qdf_mem_free(ie_params->ie_ptr);
+ qdf_mem_free(ie_params);
+ lim_log(mac_ctx, LOGE,
+ FL("failed to get IE ptr"));
+ return;
+ }
vht_cap = (tSirMacVHTCapabilityInfo *)&p_ie[2];
vht_cap->txSTBC = 0;
vht_mcs =