wifi_hal: Fix KW issue
Add length check before memcpy
Change-Id: I4a53053574957003385ed51abe4fa7b1cb208d54
CRs-Fixed: 3446913
diff --git a/qcwcn/wifi_hal/tdls.cpp b/qcwcn/wifi_hal/tdls.cpp
index 2082fef..c54928f 100644
--- a/qcwcn/wifi_hal/tdls.cpp
+++ b/qcwcn/wifi_hal/tdls.cpp
@@ -122,9 +122,15 @@
__FUNCTION__);
return WIFI_ERROR_INVALID_ARGS;
}
+ if (nla_len(tb_vendor[QCA_WLAN_VENDOR_ATTR_TDLS_MAC_ADDR]) != sizeof(mac_addr))
+ {
+ ALOGE("%s: QCA_WLAN_VENDOR_ATTR_TDLS_MAC_ADDR Invalid mac addr lenght",
+ __FUNCTION__);
+ return WIFI_ERROR_INVALID_ARGS;
+ }
memcpy(addr,
(u8 *)nla_data(tb_vendor[QCA_WLAN_VENDOR_ATTR_TDLS_MAC_ADDR]),
- nla_len(tb_vendor[QCA_WLAN_VENDOR_ATTR_TDLS_MAC_ADDR]));
+ sizeof(mac_addr));
ALOGV(MAC_ADDR_STR, MAC_ADDR_ARRAY(addr));
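Review bot: The new guard and the `memcpy` both size against the type `mac_addr` rather than the destination `addr`, whose declaration is outside this hunk. If `addr` is an array in this scope, `sizeof(addr)` in both places would keep the bound tied to the buffer that is written; otherwise please confirm `addr` is declared as `mac_addr`. The rejection log also misspells "length" and drops the offending value, which makes malformed vendor events harder to triage; consider `ALOGE("%s: QCA_WLAN_VENDOR_ATTR_TDLS_MAC_ADDR invalid mac addr length %d", __FUNCTION__, nla_len(tb_vendor[QCA_WLAN_VENDOR_ATTR_TDLS_MAC_ADDR]));`. The enclosing handler starts and ends outside the hunk, so its other attribute reads are not visible here and may deserve the same length validation.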