From 3f79e541593fecc2a90687eb7162e15a499caa33 Mon Sep 17 00:00:00 2001 From: Ping-Ke Shih Date: Mon, 7 Dec 2020 11:19:03 +0800 Subject: [PATCH] rtlwifi: rtl8192de: fix ofdm power compensation ofdm_index[] is used to indicate how many power compensation is needed to current thermal value. For internal PA module or 2.4G band, the min_index is different from other cases. This issue originally is reported by Dan. He found the size of ofdm_index[] is 2, but access index 'i' may be equal to 2 if 'rf' is 2 in case of 'is2t'. In fact, the chunk of code is added to wrong place, so move it back to proper place, and then power compensation and buffer overflow are fixed. Reported-by: Dan Carpenter Signed-off-by: Ping-Ke Shih Signed-off-by: Kalle Valo Link: https://lore.kernel.org/r/20201207031903.7599-1-pkshih@realtek.com --- drivers/net/wireless/realtek/rtlwifi/rtl8192de/dm.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/drivers/net/wireless/realtek/rtlwifi/rtl8192de/dm.c b/drivers/net/wireless/realtek/rtlwifi/rtl8192de/dm.c index b3f25a2..6cc9c76 100644 --- a/drivers/net/wireless/realtek/rtlwifi/rtl8192de/dm.c +++ b/drivers/net/wireless/realtek/rtlwifi/rtl8192de/dm.c @@ -986,18 +986,19 @@ old_index_done: rtlpriv->dm.cck_index); } for (i = 0; i < rf; i++) { - if (ofdm_index[i] > OFDM_TABLE_SIZE_92D - 1) + if (ofdm_index[i] > OFDM_TABLE_SIZE_92D - 1) { ofdm_index[i] = OFDM_TABLE_SIZE_92D - 1; - else if (ofdm_index[i] < ofdm_min_index) + } else if (internal_pa || + rtlhal->current_bandtype == BAND_ON_2_4G) { + if (ofdm_index[i] < ofdm_min_index_internal_pa) + ofdm_index[i] = ofdm_min_index_internal_pa; + } else if (ofdm_index[i] < ofdm_min_index) { ofdm_index[i] = ofdm_min_index; + } } if (rtlhal->current_bandtype == BAND_ON_2_4G) { if (cck_index > CCK_TABLE_SIZE - 1) { cck_index = CCK_TABLE_SIZE - 1; - } else if (internal_pa || - rtlhal->current_bandtype == BAND_ON_2_4G) { - if (ofdm_index[i] < ofdm_min_index_internal_pa) - ofdm_index[i] = ofdm_min_index_internal_pa; } else if (cck_index < 0) { cck_index = 0; } -- 2.7.4