qcacld-2.0: Remove off-by-one write condition in schBeaconProcess

In the API, the driver inserts 0 after the SSID name, to mark the
end of the SSID, but if the SSID name is 32 characters, which is
the max SSID length possible, the driver puts 0 at the 33rd
place of memory, which is not part of the SSID name, which
results in an OOB write, or off-by-one write condition.

The fix is to remove the addition of 0 after the SSID, as in every
case the driver prints the SSID, taking the SSID length
as the input, and in that case insertion of 0 will not serve
any purpose.

Change-Id: I1d58026ec9f48fe9d00bd2f50783c65899588978
CRs-Fixed: 2541970
Will Huang 2019-10-09 15:30:29 +08:00 committed by syphyr
parent 92db492a76
commit a858116b07
2 changed files with 3 additions and 7 deletions

@ -1039,10 +1039,11 @@ typedef __ani_attr_pre_packed struct sSirMacRateSet
} __ani_attr_packed tSirMacRateSet;
/* Reserve 1 byte for NULL character in the SSID name field to print in %s */
typedef __ani_attr_pre_packed struct sSirMacSSid
{
tANI_U8 length;
tANI_U8 ssId[SIR_MAC_MAX_SSID_LENGTH];
tANI_U8 ssId[SIR_MAC_MAX_SSID_LENGTH + 1];
} __ani_attr_packed tSirMacSSid;
typedef __ani_attr_pre_packed struct sSirMacWpaInfo
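Review bot: The `ssId[SIR_MAC_MAX_SSID_LENGTH + 1]` declaration and its comment ("Reserve 1 byte for NULL character in the SSID name field to print in %s") do not match the commit message, which says every print takes the SSID length as input and that the terminator serves no purpose; the message also never mentions a size change. Going by the hunk header (10 lines before, 11 after), this hunk grows the array, and because tSirMacSSid is declared with __ani_attr_packed, the extra byte changes sizeof(tSirMacSSid) and shifts every field that follows it in any enclosing packed struct, so code that copies, compares or sizes buffers by this type is affected. Either leave the array at SIR_MAC_MAX_SSID_LENGTH and drop the comment, or keep the reserved byte and state in the commit message why it is needed and which code is expected to write the terminator now that schBeaconProcess no longer does.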

@ -1,5 +1,5 @@
/*
* Copyright (c) 2012-2015 The Linux Foundation. All rights reserved.
* Copyright (c) 2012-2019 The Linux Foundation. All rights reserved.
*
* Previously licensed under the ISC license by Qualcomm Atheros, Inc.
*
@ -759,11 +759,6 @@ void schBeaconProcess(tpAniSirGlobal pMac, tANI_U8* pRxPacketInfo, tpPESession p
return;
}
if (beaconStruct.ssidPresent)
{
beaconStruct.ssId.ssId[beaconStruct.ssId.length] = 0;
}
/*
* First process the beacon in the context of any existing AP or BTAP session.
* This takes cares of following two scenarios:
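Review bot: With the `beaconStruct.ssId.ssId[beaconStruct.ssId.length] = 0;` write removed, nothing in the visible part of schBeaconProcess terminates the SSID any more, so correctness now rests entirely on the commit message's claim that every print passes the length. Please confirm that no remaining log or debug call formats beaconStruct.ssId.ssId with a plain %s (the struct comment in the other file still refers to printing in %s); any such call should use a length-bounded conversion such as %.*s with ssId.length. It would also help to say in the commit message where ssId.length is checked against SIR_MAC_MAX_SSID_LENGTH before this point, since the removed line used it as an index and the context lines here do not show that check.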