Google Git
Sign in
coral / mt7668-wifi-mod / 2bc2328f51d6ccad8a0608c7c1ab24c71461a3e5^! / .
commit2bc2328f51d6ccad8a0608c7c1ab24c71461a3e5[log] [tgz]
authorAlice Ou <alice.ou@mediatek.com>Thu Jun 01 16:04:54 2017 +0800
committerAlice Ou <alice.ou@mediatek.com>Thu Jun 15 17:26:31 2017 +0800
treebddbbbb60af0764ce97e62527b4836d09e7b47ae
parentb9b35fe9ed3ba1f59e5cf80f2cc885134673fe8a [diff]
[DTV00857290][DTV][Coverity Scanned Code Defect]

[Description]
Fix coverity defects under nic/nic.c

Fix Out-of-bounds write.
 - Cid#361517 in line 1686.

Fix Dereference before null check.
 - Cid#16352 in line 804.
 Remove unused function 'nicGetPendingStaMMPDU' in nic.c and nic.h.

Fix Wrong operator used
 - Cid#15089 in line 2602, 2604, 2615, 2617, 2628, 2630, 2641, 2643, 
   2654, 2656, 2667, 2669, 2680, 2682, 2693, 2695.

Fix Unused value
 - Cid#70777 in line 1455, 1459, 1462, 1465.
 - Cid#70778 in line 1456, 1460, 1463, 1466.

Change-Id: Icde98d8fc9e2dbb42ae9b52b48c12a28ea963c6d
Signed-off-by: Alice Ou <alice.ou@mediatek.com>
(cherry picked from commit 0a3a6c4ac6cd13596f651a8b9ebf0257c0f336c8)
CR-Id: DTV00857290
(cherry picked from commit 3ded0366a956b70f4c10e463fd93381b85f36938)
(cherry picked from commit 8e46eb6f6b8ac09d49483b342e2bf1a010460c8c)

diff --git a/include/nic/nic.h b/include/nic/nic.h
index 5196b78..872f604 100644
--- a/include/nic/nic.h
+++ b/include/nic/nic.h

@@ -204,8 +204,6 @@
 
 P_MSDU_INFO_T nicGetPendingTxMsduInfo(IN P_ADAPTER_T prAdapter, IN UINT_8 ucWlanIndex, IN UINT_8 ucSeqNum);
 
-P_MSDU_INFO_T nicGetPendingStaMMPDU(IN P_ADAPTER_T prAdapter, IN UINT_8 ucStaRecIdx);
-
 VOID nicFreePendingTxMsduInfoByBssIdx(IN P_ADAPTER_T prAdapter, IN UINT_8 ucBssIndex);
 
 UINT_8 nicIncreaseCmdSeqNum(IN P_ADAPTER_T prAdapter);

diff --git a/nic/nic.c b/nic/nic.c
index 0899c77..684eef8 100644
--- a/nic/nic.c
+++ b/nic/nic.c

@@ -788,51 +788,6 @@
 	return prMsduInfo;
 }
 
-P_MSDU_INFO_T nicGetPendingStaMMPDU(IN P_ADAPTER_T prAdapter, IN UINT_8 ucStaRecIdx)
-{
-	P_MSDU_INFO_T prMsduInfoListHead = (P_MSDU_INFO_T) NULL;
-	P_QUE_T prTxingQue = (P_QUE_T) NULL;
-	QUE_T rTempQue;
-	P_QUE_T prTempQue = &rTempQue;
-	P_QUE_ENTRY_T prQueueEntry = (P_QUE_ENTRY_T) NULL;
-	P_MSDU_INFO_T prMsduInfo = (P_MSDU_INFO_T) NULL;
-
-	GLUE_SPIN_LOCK_DECLARATION();
-
-	KAL_ACQUIRE_SPIN_LOCK(prAdapter, SPIN_LOCK_TXING_MGMT_LIST);
-	do {
-		if (prAdapter == NULL) {
-
-			ASSERT(FALSE);
-			break;
-		}
-
-		prTxingQue = &(prAdapter->rTxCtrl.rTxMgmtTxingQueue);
-		QUEUE_MOVE_ALL(prTempQue, prTxingQue);
-
-		QUEUE_REMOVE_HEAD(prTempQue, prQueueEntry, P_QUE_ENTRY_T);
-		while (prQueueEntry) {
-			prMsduInfo = (P_MSDU_INFO_T) prQueueEntry;
-
-			if ((prMsduInfo->ucStaRecIndex == ucStaRecIdx)
-			    && (prMsduInfo->pfTxDoneHandler != NULL)) {
-				QM_TX_SET_NEXT_MSDU_INFO(prMsduInfo, prMsduInfoListHead);
-				prMsduInfoListHead = prMsduInfo;
-			} else {
-				QUEUE_INSERT_TAIL(prTxingQue, prQueueEntry);
-
-				prMsduInfo = NULL;
-			}
-
-			QUEUE_REMOVE_HEAD(prTempQue, prQueueEntry, P_QUE_ENTRY_T);
-		}
-
-	} while (FALSE);
-	KAL_RELEASE_SPIN_LOCK(prAdapter, SPIN_LOCK_TXING_MGMT_LIST);
-
-	return prMsduInfoListHead;
-}				/* nicGetPendingStaMMPDU */
-
 VOID nicFreePendingTxMsduInfoByBssIdx(IN P_ADAPTER_T prAdapter, IN UINT_8 ucBssIndex)
 {
 	P_QUE_T prTxingQue;
@@ -1487,8 +1442,7 @@
 			if (kalP2PGetCcmpCipher(prAdapter->prGlueInfo, (UINT_8) prBssInfo->u4PrivateData)) {
 				rCmdSetBssInfo.ucAuthMode = (UINT_8) AUTH_MODE_WPA2_PSK;
 				rCmdSetBssInfo.ucEncStatus = (UINT_8) ENUM_ENCRYPTION3_ENABLED;
-			}
-			if (kalP2PGetTkipCipher(prAdapter->prGlueInfo, (UINT_8) prBssInfo->u4PrivateData)) {
+			} else if (kalP2PGetTkipCipher(prAdapter->prGlueInfo, (UINT_8) prBssInfo->u4PrivateData)) {
 				rCmdSetBssInfo.ucAuthMode = (UINT_8) AUTH_MODE_WPA_PSK;
 				rCmdSetBssInfo.ucEncStatus = (UINT_8) ENUM_ENCRYPTION2_ENABLED;
 			} else if (kalP2PGetCipher(prAdapter->prGlueInfo, (UINT_8) prBssInfo->u4PrivateData)) {
@@ -1713,7 +1667,7 @@
 
 	ASSERT(prAdapter);
 
-	if (ucBssIndex > MAX_BSS_INDEX) {
+	if (ucBssIndex >= BSS_INFO_NUM) {
 		ASSERT(0);
 		return WLAN_STATUS_NOT_SUPPORTED;
 	}
@@ -2635,9 +2589,9 @@
 		break;
 
 	case FIXED_RATE_6M:
-		if ((*pucDesiredPhyTypeSet) | PHY_TYPE_BIT_ERP)
+		if ((*pucDesiredPhyTypeSet) & PHY_TYPE_BIT_ERP)
 			*pucDesiredPhyTypeSet = PHY_TYPE_BIT_ERP;
-		else if ((*pucDesiredPhyTypeSet) | PHY_TYPE_BIT_OFDM)
+		else if ((*pucDesiredPhyTypeSet) & PHY_TYPE_BIT_OFDM)
 			*pucDesiredPhyTypeSet = PHY_TYPE_BIT_OFDM;
 
 		*pu2DesiredNonHTRateSet = RATE_SET_BIT_6M;
@@ -2648,9 +2602,9 @@
 		break;
 
 	case FIXED_RATE_9M:
-		if ((*pucDesiredPhyTypeSet) | PHY_TYPE_BIT_ERP)
+		if ((*pucDesiredPhyTypeSet) & PHY_TYPE_BIT_ERP)
 			*pucDesiredPhyTypeSet = PHY_TYPE_BIT_ERP;
-		else if ((*pucDesiredPhyTypeSet) | PHY_TYPE_BIT_OFDM)
+		else if ((*pucDesiredPhyTypeSet) & PHY_TYPE_BIT_OFDM)
 			*pucDesiredPhyTypeSet = PHY_TYPE_BIT_OFDM;
 
 		*pu2DesiredNonHTRateSet = RATE_SET_BIT_9M;
@@ -2661,9 +2615,9 @@
 		break;
 
 	case FIXED_RATE_12M:
-		if ((*pucDesiredPhyTypeSet) | PHY_TYPE_BIT_ERP)
+		if ((*pucDesiredPhyTypeSet) & PHY_TYPE_BIT_ERP)
 			*pucDesiredPhyTypeSet = PHY_TYPE_BIT_ERP;
-		else if ((*pucDesiredPhyTypeSet) | PHY_TYPE_BIT_OFDM)
+		else if ((*pucDesiredPhyTypeSet) & PHY_TYPE_BIT_OFDM)
 			*pucDesiredPhyTypeSet = PHY_TYPE_BIT_OFDM;
 
 		*pu2DesiredNonHTRateSet = RATE_SET_BIT_12M;
@@ -2674,9 +2628,9 @@
 		break;
 
 	case FIXED_RATE_18M:
-		if ((*pucDesiredPhyTypeSet) | PHY_TYPE_BIT_ERP)
+		if ((*pucDesiredPhyTypeSet) & PHY_TYPE_BIT_ERP)
 			*pucDesiredPhyTypeSet = PHY_TYPE_BIT_ERP;
-		else if ((*pucDesiredPhyTypeSet) | PHY_TYPE_BIT_OFDM)
+		else if ((*pucDesiredPhyTypeSet) & PHY_TYPE_BIT_OFDM)
 			*pucDesiredPhyTypeSet = PHY_TYPE_BIT_OFDM;
 
 		*pu2DesiredNonHTRateSet = RATE_SET_BIT_18M;
@@ -2687,9 +2641,9 @@
 		break;
 
 	case FIXED_RATE_24M:
-		if ((*pucDesiredPhyTypeSet) | PHY_TYPE_BIT_ERP)
+		if ((*pucDesiredPhyTypeSet) & PHY_TYPE_BIT_ERP)
 			*pucDesiredPhyTypeSet = PHY_TYPE_BIT_ERP;
-		else if ((*pucDesiredPhyTypeSet) | PHY_TYPE_BIT_OFDM)
+		else if ((*pucDesiredPhyTypeSet) & PHY_TYPE_BIT_OFDM)
 			*pucDesiredPhyTypeSet = PHY_TYPE_BIT_OFDM;
 
 		*pu2DesiredNonHTRateSet = RATE_SET_BIT_24M;
@@ -2700,9 +2654,9 @@
 		break;
 
 	case FIXED_RATE_36M:
-		if ((*pucDesiredPhyTypeSet) | PHY_TYPE_BIT_ERP)
+		if ((*pucDesiredPhyTypeSet) & PHY_TYPE_BIT_ERP)
 			*pucDesiredPhyTypeSet = PHY_TYPE_BIT_ERP;
-		else if ((*pucDesiredPhyTypeSet) | PHY_TYPE_BIT_OFDM)
+		else if ((*pucDesiredPhyTypeSet) & PHY_TYPE_BIT_OFDM)
 			*pucDesiredPhyTypeSet = PHY_TYPE_BIT_OFDM;
 
 		*pu2DesiredNonHTRateSet = RATE_SET_BIT_36M;
@@ -2713,9 +2667,9 @@
 		break;
 
 	case FIXED_RATE_48M:
-		if ((*pucDesiredPhyTypeSet) | PHY_TYPE_BIT_ERP)
+		if ((*pucDesiredPhyTypeSet) & PHY_TYPE_BIT_ERP)
 			*pucDesiredPhyTypeSet = PHY_TYPE_BIT_ERP;
-		else if ((*pucDesiredPhyTypeSet) | PHY_TYPE_BIT_OFDM)
+		else if ((*pucDesiredPhyTypeSet) & PHY_TYPE_BIT_OFDM)
 			*pucDesiredPhyTypeSet = PHY_TYPE_BIT_OFDM;
 
 		*pu2DesiredNonHTRateSet = RATE_SET_BIT_48M;
@@ -2726,9 +2680,9 @@
 		break;
 
 	case FIXED_RATE_54M:
-		if ((*pucDesiredPhyTypeSet) | PHY_TYPE_BIT_ERP)
+		if ((*pucDesiredPhyTypeSet) & PHY_TYPE_BIT_ERP)
 			*pucDesiredPhyTypeSet = PHY_TYPE_BIT_ERP;
-		else if ((*pucDesiredPhyTypeSet) | PHY_TYPE_BIT_OFDM)
+		else if ((*pucDesiredPhyTypeSet) & PHY_TYPE_BIT_OFDM)
 			*pucDesiredPhyTypeSet = PHY_TYPE_BIT_OFDM;
 
 		*pu2DesiredNonHTRateSet = RATE_SET_BIT_54M;