From c4750adac012616d40b1300e862ec75573a5cb1f Mon Sep 17 00:00:00 2001
From: Smriti Gupta <smritig@codeaurora.org>
Date: Fri, 8 Jul 2016 12:05:57 +0530
Subject: [PATCH] FM: Fix KW issues.

Fix KW issues in FM.

CRs-Fixed: 1040552
Change-Id: I57fec241ecc98735e3ec6cf75837859a4db4ad97
---
 fm_hci/fm_hci.c           |  6 ++++--
 fmhalService/main.c       |  2 +-
 helium/radio_helium_hal.c | 18 +++++++++++-------
 3 files changed, 16 insertions(+), 10 deletions(-)

diff --git a/fm_hci/fm_hci.c b/fm_hci/fm_hci.c
index 4793295..74c0ac9 100644
--- a/fm_hci/fm_hci.c
+++ b/fm_hci/fm_hci.c
@@ -268,12 +268,14 @@ static int read_fm_event(struct fm_hci_t *hci, struct fm_event_header_t *pbuf, i
 
 static void *hci_read_thread(void *arg)
 {
-    int length;
+    int length = 0;
     struct fm_hci_t *hci = (struct fm_hci_t *)arg;
 
     struct fm_event_header_t *evt_buf = (struct fm_event_header_t *) malloc(sizeof(struct fm_event_header_t) + MAX_FM_EVT_PARAMS);
 
-    length = read_fm_event(hci, evt_buf, sizeof(struct fm_event_header_t) + MAX_FM_EVT_PARAMS);
+    if (!evt_buf)
+        length = read_fm_event(hci, evt_buf, sizeof(struct fm_event_header_t) + MAX_FM_EVT_PARAMS);
+
     ALOGD("length=%d\n",length);
     if(length <=0) {
        lib_running =0;
diff --git a/fmhalService/main.c b/fmhalService/main.c
index 558f681..6647f8b 100644
--- a/fmhalService/main.c
+++ b/fmhalService/main.c
@@ -342,7 +342,7 @@ void vnd_load_if()
 
 int main()  {
    fd_set client_fds;
-    int retval, n;
+    int retval = -1, n;
 
     ALOGI("%s: Entry ", __func__);
     ALOGI("FM HAL SERVICE: Loading the WCNSS HAL library...");
diff --git a/helium/radio_helium_hal.c b/helium/radio_helium_hal.c
index f22c6f5..a45fd48 100644
--- a/helium/radio_helium_hal.c
+++ b/helium/radio_helium_hal.c
@@ -323,7 +323,7 @@ static void hci_cc_default_data_write_rsp(char *ev_buff)
 
 static void hci_cc_get_blend_tbl_rsp(char *ev_buff)
 {
-    int status, val;
+    int status, val = -1;
 
     if (ev_buff == NULL) {
         ALOGE("%s:response buffer in null", LOG_TAG);
@@ -360,11 +360,13 @@ static void hci_cc_set_blend_tbl_rsp(char *ev_buff)
 
 static void hci_cc_station_rsp(char *ev_buff)
 {
-    int val, status = ev_buff[0];
+    int val = -1, status = ev_buff[0];
+    unsigned char *tmp = (unsigned char *)(&hal->radio->fm_st_rsp.station_rsp)
+                                             + sizeof(char);
 
     if (status == FM_HC_STATUS_SUCCESS) {
-        memcpy(&hal->radio->fm_st_rsp.station_rsp.station_freq, &ev_buff[1],
-                sizeof(struct hci_fm_station_rsp) - sizeof(char));
+        memcpy(tmp, &ev_buff[1],
+                sizeof(struct hci_ev_tune_status) - sizeof(char));
         if (test_bit(station_param_mask_flag, CMD_STNPARAM_RSSI)) {
                 val = hal->radio->fm_st_rsp.station_rsp.rssi;
         } else if (test_bit(station_param_mask_flag, CMD_STNPARAM_SINR)) {
@@ -379,7 +381,7 @@ static void hci_cc_station_rsp(char *ev_buff)
 
 static void hci_cc_dbg_param_rsp(char *ev_buff)
 {
-    int val, status = ev_buff[0];
+    int val = -1, status = ev_buff[0];
 
     if (status == FM_HC_STATUS_SUCCESS) {
         memcpy(&hal->radio->st_dbg_param, &ev_buff[1],
@@ -652,8 +654,10 @@ static inline void hci_ev_radio_text(char *buff)
     data[3] = buff[RDS_PID_HIGHER];
     data[4] = buff[RT_A_B_FLAG_OFFSET];
 
-    memcpy(data+RDS_OFFSET, &buff[RDS_OFFSET], len);
-    data[len+RDS_OFFSET] = 0x00;
+    if (len > 0) {
+        memcpy(data+RDS_OFFSET, &buff[RDS_OFFSET], len);
+        data[len+RDS_OFFSET] = 0x00;
+    }
 
     hal->jni_cb->rt_update_cb(data);
     free(data);
-- 
GitLab