From a158dfb78e2d662ec039f7815ad50a7a5f009101 Mon Sep 17 00:00:00 2001
From: kimocoder <christian@aircrack-ng.org>
Date: Sat, 6 Apr 2019 01:29:01 +0200
Subject: [PATCH] Add check for psta->cmn.aid out of bounds

---
 core/rtw_sta_mgt.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/core/rtw_sta_mgt.c b/core/rtw_sta_mgt.c
index 7c13002..caacdab 100644
--- a/core/rtw_sta_mgt.c
+++ b/core/rtw_sta_mgt.c
@@ -798,6 +798,11 @@ u32	rtw_free_stainfo(_adapter *padapter , struct sta_info *psta)
 
 #ifdef CONFIG_NATIVEAP_MLME
 
+	if (psta->cmn.aid > 31) {
+		pr_err("***** psta->aid (%d) out of bounds\n", psta->cmn.aid);
+		return _FAIL;
+	}
+
 	if (pmlmeinfo->state == _HW_STATE_AP_) {
 		rtw_tim_map_clear(padapter, pstapriv->sta_dz_bitmap, psta->cmn.aid);
 		rtw_tim_map_clear(padapter, pstapriv->tim_bitmap, psta->cmn.aid);