aboutsummaryrefslogtreecommitdiff
path: root/drivers/staging/qcacld-2.0/CORE/HDD
diff options
context:
space:
mode:
Diffstat (limited to 'drivers/staging/qcacld-2.0/CORE/HDD')
-rw-r--r--drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_assoc.c17
-rw-r--r--drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_cfg80211.c8
-rw-r--r--drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_hostapd.c18
-rw-r--r--drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_ocb.c11
4 files changed, 36 insertions, 18 deletions
diff --git a/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_assoc.c b/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_assoc.c
index 9d7f5965eb76..f353888ebdef 100644
--- a/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_assoc.c
+++ b/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_assoc.c
@@ -2744,7 +2744,7 @@ static eHalStatus roamRoamConnectStatusUpdateHandler( hdd_adapter_t *pAdapter, t
case eCSR_ROAM_RESULT_IBSS_NEW_PEER:
{
hdd_station_ctx_t *pHddStaCtx = WLAN_HDD_GET_STATION_CTX_PTR(pAdapter);
- struct station_info staInfo;
+ struct station_info *stainfo;
pr_info ( "IBSS New Peer indication from SME "
"with peerMac " MAC_ADDRESS_STR " BSSID: " MAC_ADDRESS_STR " and stationID= %d",
@@ -2779,13 +2779,20 @@ static eHalStatus roamRoamConnectStatusUpdateHandler( hdd_adapter_t *pAdapter, t
vosStatus, vosStatus );
}
pHddStaCtx->ibss_sta_generation++;
- memset(&staInfo, 0, sizeof(staInfo));
- staInfo.filled = 0;
- staInfo.generation = pHddStaCtx->ibss_sta_generation;
+ stainfo = vos_mem_malloc(sizeof(*stainfo));
+ if (stainfo == NULL) {
+ VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR,
+ "memory allocation for station_info failed");
+ return eHAL_STATUS_FAILED_ALLOC;
+ }
+ memset(stainfo, 0, sizeof(*stainfo));
+ stainfo->filled = 0;
+ stainfo->generation = pHddStaCtx->ibss_sta_generation;
cfg80211_new_sta(pAdapter->dev,
(const u8 *)pRoamInfo->peerMac,
- &staInfo, GFP_KERNEL);
+ stainfo, GFP_KERNEL);
+ vos_mem_free(stainfo);
if ( eCSR_ENCRYPT_TYPE_WEP40_STATICKEY == pHddStaCtx->ibss_enc_key.encType
||eCSR_ENCRYPT_TYPE_WEP104_STATICKEY == pHddStaCtx->ibss_enc_key.encType
diff --git a/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_cfg80211.c b/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_cfg80211.c
index 013a2db6b2ab..e45b70456011 100644
--- a/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_cfg80211.c
+++ b/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_cfg80211.c
@@ -2871,7 +2871,7 @@ __wlan_hdd_cfg80211_extscan_set_ssid_hotlist(struct wiphy *wiphy,
struct hdd_ext_scan_context *context;
uint32_t request_id;
char ssid_string[SIR_MAC_MAX_SSID_LENGTH + 1];
- int ssid_len;
+ int ssid_len, ssid_length;
eHalStatus status;
int i, rem, retval;
unsigned long rc;
@@ -2950,12 +2950,16 @@ __wlan_hdd_cfg80211_extscan_set_ssid_hotlist(struct wiphy *wiphy,
hddLog(LOGE, FL("attr ssid failed"));
goto fail;
}
- nla_memcpy(ssid_string,
+ ssid_length = nla_strlcpy(ssid_string,
tb2[PARAM_SSID],
sizeof(ssid_string));
hddLog(LOG1, FL("SSID %s"),
ssid_string);
ssid_len = strlen(ssid_string);
+ if (ssid_length > SIR_MAC_MAX_SSID_LENGTH) {
+ hddLog(LOGE, FL("Invalid ssid length"));
+ goto fail;
+ }
memcpy(request->ssids[i].ssid.ssId, ssid_string, ssid_len);
request->ssids[i].ssid.length = ssid_len;
diff --git a/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_hostapd.c b/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_hostapd.c
index 4ac29d461bfa..a1f30c238076 100644
--- a/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_hostapd.c
+++ b/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_hostapd.c
@@ -1825,21 +1825,27 @@ VOS_STATUS hdd_hostapd_SAPEventCB( tpSap_Event pSapEvent, v_PVOID_t usrDataForCa
HDD_SAP_WAKE_LOCK_DURATION,
WIFI_POWER_EVENT_WAKELOCK_SAP);
{
- struct station_info staInfo;
v_U16_t iesLen = pSapEvent->sapevt.sapStationAssocReassocCompleteEvent.iesLen;
- memset(&staInfo, 0, sizeof(staInfo));
if (iesLen <= MAX_ASSOC_IND_IE_LEN )
{
- staInfo.assoc_req_ies =
+ struct station_info *stainfo;
+ stainfo = vos_mem_malloc(sizeof(*stainfo));
+ if (stainfo == NULL) {
+ hddLog(LOGE, FL("alloc station_info failed"));
+ return VOS_STATUS_E_NOMEM;
+ }
+ memset(stainfo, 0, sizeof(*stainfo));
+ stainfo->assoc_req_ies =
(const u8 *)&pSapEvent->sapevt.sapStationAssocReassocCompleteEvent.ies[0];
- staInfo.assoc_req_ies_len = iesLen;
+ stainfo->assoc_req_ies_len = iesLen;
#if (LINUX_VERSION_CODE >= KERNEL_VERSION(3,0,31)) || defined(WITH_BACKPORTS)
- staInfo.filled |= STATION_INFO_ASSOC_REQ_IES;
+ stainfo->filled |= STATION_INFO_ASSOC_REQ_IES;
#endif
cfg80211_new_sta(dev,
(const u8 *)&pSapEvent->sapevt.sapStationAssocReassocCompleteEvent.staMac.bytes[0],
- &staInfo, GFP_KERNEL);
+ stainfo, GFP_KERNEL);
+ vos_mem_free(stainfo);
}
else
{
diff --git a/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_ocb.c b/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_ocb.c
index b6494ca47e4b..95fde5eca899 100644
--- a/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_ocb.c
+++ b/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_ocb.c
@@ -406,10 +406,11 @@ static int hdd_ocb_register_sta(hdd_adapter_t *adapter)
*
* Return: A pointer to the OCB configuration struct, NULL on failure.
*/
-static struct sir_ocb_config *hdd_ocb_config_new(int num_channels,
- int num_schedule,
- int ndl_chan_list_len,
- int ndl_active_state_list_len)
+static
+struct sir_ocb_config *hdd_ocb_config_new(uint32_t num_channels,
+ uint32_t num_schedule,
+ uint32_t ndl_chan_list_len,
+ uint32_t ndl_active_state_list_len)
{
struct sir_ocb_config *ret = 0;
uint32_t len;
@@ -903,7 +904,7 @@ static int __wlan_hdd_cfg80211_ocb_set_config(struct wiphy *wiphy,
void *def_tx_param = NULL;
uint32_t def_tx_param_size = 0;
int i;
- int channel_count, schedule_size;
+ uint32_t channel_count, schedule_size;
struct sir_ocb_config *config;
int rc = -EINVAL;
uint8_t *mac_addr;
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-21 08:59:22 +0000