qcacld-3.0: Fix potential NULL dereference in hdd_hostapd_sap_event_cb

In the function hdd_hostapd_sap_event_cb, stainfo is obtained
from hdd_get_stainfo(). This stainfo is dereferenced later to
retrive dhcp_phase later. If the stainfo returned from the
function hdd_get_stainfo is NULL, then a possible NULL pointer
dereference could occur.

Add check to validate stainfo is not NULL.

Change-Id: Ia428142b6ae2545528c5998dcde63845ca592b56
CRs-Fixed:  2233870

core/hdd/src/wlan_hdd_hostapd.c

@@ -2148,17 +2148,21 @@ QDF_STATUS hdd_hostapd_sap_event_cb(tpSap_Event pSapEvent,
 			&pSapEvent->sapevt.sapStationDisassocCompleteEvent;
 		memcpy(wrqu.addr.sa_data,
 		       &disassoc_comp->staMac, QDF_MAC_ADDR_SIZE);
-		hdd_info("disassociated " MAC_ADDRESS_STR,
-			 MAC_ADDR_ARRAY(wrqu.addr.sa_data));
 
 		stainfo = hdd_get_stainfo(adapter->cache_sta_info,
 					  disassoc_comp->staMac);
-		if (stainfo) {
-			stainfo->rssi = disassoc_comp->rssi;
-			stainfo->tx_rate = disassoc_comp->tx_rate;
-			stainfo->rx_rate = disassoc_comp->rx_rate;
-			stainfo->reason_code = disassoc_comp->reason_code;
+		if (!stainfo) {
+			hdd_err("peer " MAC_ADDRESS_STR " not found",
+					MAC_ADDR_ARRAY(wrqu.addr.sa_data));
+			return -EINVAL;
 		}
+		hdd_info(" disassociated " MAC_ADDRESS_STR,
+				MAC_ADDR_ARRAY(wrqu.addr.sa_data));
+
+		stainfo->rssi = disassoc_comp->rssi;
+		stainfo->tx_rate = disassoc_comp->tx_rate;
+		stainfo->rx_rate = disassoc_comp->rx_rate;
+		stainfo->reason_code = disassoc_comp->reason_code;
 
 		qdf_status = qdf_event_set(&hostapd_state->qdf_sta_disassoc_event);
 		if (!QDF_IS_STATUS_SUCCESS(qdf_status))

core/wma/src/wma_features.c

@@ -611,6 +611,11 @@ QDF_STATUS wma_process_dhcp_ind(WMA_HANDLE handle,
 	int status = 0;
 	wmi_peer_set_param_cmd_fixed_param peer_set_param_fp = {0};
 
+	if (!wma_handle) {
+		WMA_LOGE("%s : wma_handle is NULL", __func__);
+		return QDF_STATUS_E_FAILURE;
+	}
+
 	if (!ta_dhcp_ind) {
 		WMA_LOGE("%s : DHCP indication is NULL", __func__);
 		return QDF_STATUS_E_FAILURE;