qcacld-2.0: Validate pHashTable

prima to qcacld-2.0 propagation

When deauth/disassoc is received from a peer at the same time as
cleanup is in progress because of a disconnect from the supplicant,
there is a chance that pHashTable can be NULL. Memory pointed to by
pHashTable is freed during peDeleteSession, which is called during
cleanup. In dphLookupHashEntry, pHashTable is referenced without
any NULL check, which can lead to a crash. Fix this by validating
pHashTable with a NULL check.

Add a NULL check in _limProcessOperatingModeActionFrame before
referencing the sta context to resolve a potential KW issue.

Change-Id: I74d5c739cade19941320ee02eddc09e4fc74b105
CRs-Fixed: 898375
Padma, Santhosh Kumar 2015-11-03 19:41:27 +05:30 committed by syphyr
parent a9bfe7022d
commit 2ebfca5060
2 changed files with 8 additions and 1 deletions

@ -134,6 +134,11 @@ tpDphHashNode dphLookupHashEntry(tpAniSirGlobal pMac, tANI_U8 staAddr[], tANI_U1
tpDphHashNode ptr = NULL;
tANI_U16 index = hashFunction(pMac, staAddr, pDphHashTable->size);
if (!pDphHashTable->pHashTable) {
limLog(pMac, LOGE, FL(" pHashTable is NULL "));
return ptr;
}
for (ptr = pDphHashTable->pHashTable[index]; ptr; ptr = ptr->next)
{
if (dphCompareMacAddr(staAddr, ptr->staAddr))
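
Review bot: the new `if (!pDphHashTable->pHashTable)` check in dphLookupHashEntry is an unsynchronized read, so it only prevents the crash if peDeleteSession sets pHashTable to NULL after freeing it and cannot run between this check and the `for` loop that reads `pHashTable[index]`. No lock is visible in this hunk; please state in the commit message or in a comment above the check what serializes the lookup against session cleanup, otherwise the loop can still walk freed memory. Since the commit message says this path is hit when a peer sends deauth/disassoc during cleanup, consider rate-limiting the LOGE line or lowering its level, and drop the padding spaces in " pHashTable is NULL ".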

@ -562,8 +562,10 @@ __limProcessOperatingModeActionFrame(tpAniSirGlobal pMac, tANI_U8 *pRxPacketInfo
}
pSta = dphLookupHashEntry(pMac, pHdr->sa, &aid, &psessionEntry->dph.dphHashTable);
if (pSta == NULL)
if (pSta == NULL) {
limLog(pMac, LOGE, FL("Station context not found"));
goto end;
}
operMode = pSta->vhtSupportedChannelWidthSet ? eHT_CHANNEL_WIDTH_80MHZ : pSta->htSupportedChannelWidthSet ? eHT_CHANNEL_WIDTH_40MHZ: eHT_CHANNEL_WIDTH_20MHZ;
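
Review bot: the "Station context not found" message logged before `goto end` carries no identifying data, so it cannot be tied to a peer or session when it fires; include the source address from `pHdr->sa` (already passed to the lookup on the line above) and the session identifier. The hunk as rendered also shows an unbraced `if (pSta == NULL)` directly before the braced one, which suggests the check already existed at this point and the change adds only the braces and the log line. If that is the case, the commit message sentence "Add a NULL check in _limProcessOperatingModeActionFrame" should be reworded to say that a log was added to the existing check.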