From d06e9ac5f551a59928cad50802f7638b790f9b59 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <jouni@qca.qualcomm.com>
Date: Fri, 25 Apr 2014 23:09:56 +0300
Subject: [PATCH] P2P: Verify operating channel validity for NFC connection
 handover

p2p_freq_to_channel() could return an error if the GO or P2P Client
operating channel is not valid. Check for this before generating the NFC
handover message.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
---
 src/p2p/p2p.c | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/src/p2p/p2p.c b/src/p2p/p2p.c
index bcc7e6446..ea82ae835 100644
--- a/src/p2p/p2p.c
+++ b/src/p2p/p2p.c
@@ -4463,12 +4463,24 @@ static struct wpabuf * p2p_build_nfc_handover(struct p2p_data *p2p,
 	p2p_buf_add_device_info(buf, p2p, NULL);
 
 	if (p2p->num_groups > 0) {
+		int freq = p2p_group_get_freq(p2p->groups[0]);
 		role = P2P_GO_IN_A_GROUP;
-		p2p_freq_to_channel(p2p_group_get_freq(p2p->groups[0]),
-				    &op_class, &channel);
+		if (p2p_freq_to_channel(freq, &op_class, &channel) < 0) {
+			p2p_dbg(p2p,
+				"Unknown GO operating frequency %d MHz for NFC handover",
+				freq);
+			wpabuf_free(buf);
+			return NULL;
+		}
 	} else if (client_freq > 0) {
 		role = P2P_CLIENT_IN_A_GROUP;
-		p2p_freq_to_channel(client_freq, &op_class, &channel);
+		if (p2p_freq_to_channel(client_freq, &op_class, &channel) < 0) {
+			p2p_dbg(p2p,
+				"Unknown client operating frequency %d MHz for NFC handover",
+				client_freq);
+			wpabuf_free(buf);
+			return NULL;
+		}
 	}
 
 	p2p_buf_add_oob_go_neg_channel(buf, p2p->cfg->country, op_class,
-- 
2.47.3