Loading CORE/MAC/src/pe/rrm/rrmApi.c +10 −2 Original line number Diff line number Diff line Loading @@ -678,7 +678,8 @@ rrmFillBeaconIes( tpAniSirGlobal pMac, tANI_U8 *eids, tANI_U8 numEids, tpSirBssDescription pBssDesc ) { tANI_U8 len, *pBcnIes, BcnNumIes, count = 0, i; tANI_U8 len, *pBcnIes, count = 0, i; tANI_U16 BcnNumIes = 0; if( (pIes == NULL) || (pNumIes == NULL) || (pBssDesc == NULL) ) { Loading @@ -705,10 +706,17 @@ rrmFillBeaconIes( tpAniSirGlobal pMac, while ( BcnNumIes > 0 ) { len = *(pBcnIes + 1) + 2; //element id + length. len = *(pBcnIes + 1); //element id + length. len += 2; limLog( pMac, LOG3, "EID = %d, len = %d total = %d", *pBcnIes, *(pBcnIes+1), len ); if (BcnNumIes < len || len <= 2) { limLog(pMac, LOGE, "RRM: Invalid IE len:%d exp_len:%d", len, BcnNumIes); break; } i = 0; do { Loading Loading
CORE/MAC/src/pe/rrm/rrmApi.c +10 −2 Original line number Diff line number Diff line Loading @@ -678,7 +678,8 @@ rrmFillBeaconIes( tpAniSirGlobal pMac, tANI_U8 *eids, tANI_U8 numEids, tpSirBssDescription pBssDesc ) { tANI_U8 len, *pBcnIes, BcnNumIes, count = 0, i; tANI_U8 len, *pBcnIes, count = 0, i; tANI_U16 BcnNumIes = 0; if( (pIes == NULL) || (pNumIes == NULL) || (pBssDesc == NULL) ) { Loading @@ -705,10 +706,17 @@ rrmFillBeaconIes( tpAniSirGlobal pMac, while ( BcnNumIes > 0 ) { len = *(pBcnIes + 1) + 2; //element id + length. len = *(pBcnIes + 1); //element id + length. len += 2; limLog( pMac, LOG3, "EID = %d, len = %d total = %d", *pBcnIes, *(pBcnIes+1), len ); if (BcnNumIes < len || len <= 2) { limLog(pMac, LOGE, "RRM: Invalid IE len:%d exp_len:%d", len, BcnNumIes); break; } i = 0; do { Loading
