From afcebb82f391776dc332a268d6a582f8de0b7a23 Mon Sep 17 00:00:00 2001
From: Srinivas Girigowda <sgirigow@codeaurora.org>
Date: Wed, 26 Jul 2017 12:17:20 +0530
Subject: [PATCH] qcacld-2.0: Fix incorrect processing of encrypted auth frame

qcacld-3.0 to qcacld-2.0 propagation.

Fix incorrect processing of encrypted auth frame by allocating
appropriate local buffer and using correct type for frame length.

Change-Id: I0d17656230c4a032c6a190835343e5da737978eb
CRs-Fixed: 2082544
Bug: 67030205
Signed-off-by: Srinivas Girigowda <sgirigow@codeaurora.org>
---

diff --git a/drivers/staging/qcacld-2.0/CORE/MAC/src/pe/lim/limSecurityUtils.c b/drivers/staging/qcacld-2.0/CORE/MAC/src/pe/lim/limSecurityUtils.c
index 049c86a..909a300 100644
--- a/drivers/staging/qcacld-2.0/CORE/MAC/src/pe/lim/limSecurityUtils.c
+++ b/drivers/staging/qcacld-2.0/CORE/MAC/src/pe/lim/limSecurityUtils.c
@@ -734,7 +734,7 @@
     {
         tANI_U8 i   = ctx.i;
         tANI_U8 j   = ctx.j;
-        tANI_U8 len = (tANI_U8) frameLen;
+        tANI_U16 len = frameLen;
 
         while (len-- > 0)
         {
@@ -816,7 +816,7 @@
     // Compute CRC-32 and place them in last 4 bytes of encrypted body
     limComputeCrc32(icv,
                     (tANI_U8 *) pPlainBody,
-                    (tANI_U8) (frameLen - SIR_MAC_WEP_ICV_LENGTH));
+                    (frameLen - SIR_MAC_WEP_ICV_LENGTH));
 
     // Compare RX_ICV with computed ICV
     for (i = 0; i < SIR_MAC_WEP_ICV_LENGTH; i++)