[rdkb][common][hal][Fix NeighboringWiFiDiagnostic cause wifi agent crash issue]
[Description]
Fix NeighboringWiFiDiagnostic cause wifi agent crash issue
1. calloc channels_noise_arr without free
2. protect get_noise will not overflow
3. get_noise need to return 1 , not RETURN_OK. because RETURN_OK => 0
[Release-log]
diff --git a/src/wifi/wifi_hal.c b/src/wifi/wifi_hal.c
index ef9d306..06d2c40 100644
--- a/src/wifi/wifi_hal.c
+++ b/src/wifi/wifi_hal.c
@@ -3501,7 +3501,7 @@
{
FILE *f = NULL;
char cmd[128] = {0};
- char *line = NULL;
+ char line[256] = {0};
size_t len = 0;
ssize_t read = 0;
int tmp = 0, arr_index = -1;
@@ -3512,17 +3512,20 @@
wifi_dbg_printf("%s: popen %s error\n", __func__, cmd);
return RETURN_ERR;
}
- line = malloc(sizeof(char) * 256);
- while((read = getline(&line, &len, f)) != -1) {
- sscanf(line, "%d", &tmp);
- if (tmp > 0) { // channel frequency, the first line must be frequency
- arr_index++;
- channels_noise_arr[arr_index].channel = ieee80211_frequency_to_channel(tmp);
- } else { // noise
- channels_noise_arr[arr_index].noise = tmp;
+
+ while(fgets(line, sizeof(line), f) != NULL) {
+ if(arr_index < channels_num){
+ sscanf(line, "%d", &tmp);
+ if (tmp > 0) { // channel frequency, the first line must be frequency
+ arr_index++;
+ channels_noise_arr[arr_index].channel = ieee80211_frequency_to_channel(tmp);
+ } else { // noise
+ channels_noise_arr[arr_index].noise = tmp;
+ }
+ }else{
+ break;
}
}
- free(line);
pclose(f);
return RETURN_OK;
}
@@ -3544,7 +3547,7 @@
size_t len=0;
int channels_num = 0;
int vht_channel_width = 0;
- bool get_nosie_ret = false;
+ int get_noise_ret = RETURN_ERR;
bool filter_enable = false;
bool filter_BSS = false; // The flag determine whether the BSS information need to be filterd.
@@ -3563,8 +3566,7 @@
_syscmd(cmd, buf, sizeof(buf));
channels_num = strtol(buf, NULL, 10);
- struct channels_noise *channels_noise_arr = calloc(channels_num, sizeof(struct channels_noise));
- get_nosie_ret = get_noise(radioIndex, channels_noise_arr, channels_num);
+
sprintf(cmd, "iw dev %s%d scan | grep '%s%d\\|SSID\\|freq\\|beacon interval\\|capabilities\\|signal\\|Supported rates\\|DTIM\\| \
// WPA\\|RSN\\|Group cipher\\|HT operation\\|secondary channel offset\\|channel width\\|HE.*GHz' | grep -v -e '*.*BSS'", AP_PREFIX, radioIndex, AP_PREFIX, radioIndex);
@@ -3573,6 +3575,10 @@
wifi_dbg_printf("%s: popen %s error\n", __func__, cmd);
return RETURN_ERR;
}
+
+ struct channels_noise *channels_noise_arr = calloc(channels_num, sizeof(struct channels_noise));
+ get_noise_ret = get_noise(radioIndex, channels_noise_arr, channels_num);
+
ret = fgets(line, sizeof(line), f);
while (ret != NULL) {
if(strstr(line, "BSS") != NULL) { // new neighbor info
@@ -3614,7 +3620,7 @@
}
scan_array[index].ap_Noise = 0;
- if (get_nosie_ret) {
+ if (get_noise_ret == RETURN_OK) {
for (int i = 0; i < channels_num; i++) {
if (scan_array[index].ap_Channel == channels_noise_arr[i].channel) {
scan_array[index].ap_Noise = channels_noise_arr[i].noise;
@@ -3726,6 +3732,7 @@
}
*neighbor_ap_array = scan_array;
pclose(f);
+ free(channels_noise_arr);
WIFI_ENTRY_EXIT_DEBUG("Exiting %s:%d\n",__func__, __LINE__);
return RETURN_OK;
}
@@ -8182,7 +8189,7 @@
size_t len=0;
int channels_num = 0;
int vht_channel_width = 0;
- bool get_nosie_ret = false;
+ int get_noise_ret = RETURN_ERR;
bool filter_enable = false;
bool filter_BSS = false; // The flag determine whether the BSS information need to be filterd.
@@ -8201,9 +8208,6 @@
_syscmd(cmd, buf, sizeof(buf));
channels_num = strtol(buf, NULL, 10);
- struct channels_noise *channels_noise_arr = calloc(channels_num, sizeof(struct channels_noise));
- get_nosie_ret = get_noise(radio_index, channels_noise_arr, channels_num);
-
sprintf(cmd, "iw dev %s%d scan dump | grep '%s%d\\|SSID\\|freq\\|beacon interval\\|capabilities\\|signal\\|Supported rates\\|DTIM\\| \
// WPA\\|RSN\\|Group cipher\\|HT operation\\|secondary channel offset\\|channel width\\|HE.*GHz' | grep -v -e '*.*BSS'", AP_PREFIX, radio_index, AP_PREFIX, radio_index);
fprintf(stderr, "cmd: %s\n", cmd);
@@ -8211,6 +8215,10 @@
wifi_dbg_printf("%s: popen %s error\n", __func__, cmd);
return RETURN_ERR;
}
+
+ struct channels_noise *channels_noise_arr = calloc(channels_num, sizeof(struct channels_noise));
+ get_noise_ret = get_noise(radio_index, channels_noise_arr, channels_num);
+
ret = fgets(line, sizeof(line), f);
while (ret != NULL) {
if(strstr(line, "BSS") != NULL) { // new neighbor info
@@ -8252,7 +8260,7 @@
}
scan_array[index].ap_Noise = 0;
- if (get_nosie_ret) {
+ if (get_noise_ret == RETURN_OK) {
for (int i = 0; i < channels_num; i++) {
if (scan_array[index].ap_Channel == channels_noise_arr[i].channel) {
scan_array[index].ap_Noise = channels_noise_arr[i].noise;
@@ -8364,6 +8372,7 @@
}
*neighbor_ap_array = scan_array;
pclose(f);
+ free(channels_noise_arr);
WIFI_ENTRY_EXIT_DEBUG("Exiting %s:%d\n",__func__, __LINE__);
return RETURN_OK;
}