authorMukul Sharma <mukul@qti.qualcomm.com>2015-09-30 21:52:54 +0530
committerAnjaneedevi Kapparapu <akappa@codeaurora.org>2015-10-07 14:49:31 +0530
commit0804e963cec400e02ef9dd50d6bcf3f05f3c0ec1 (patch)
tree4f43e72fbb484db19eed579c08eee07b869a3581
parent6c2e635878391ca4e52f510eeed7bc6206bc4d7c (diff)
qcacld-2.0: prevent double free of ft pre auth response
While processing the FT pre-auth response, if a memory allocation fails, the host does not set psavedFTPreAuthRsp to NULL. SME later frees the same memory when it frees pMsg->bodyptr. Hence, on the next disconnect, sme_FtReset tries to free psavedFTPreAuthRsp, which has already been freed. As part of this fix, the host ensures psavedFTPreAuthRsp is set to NULL in all cases. Change-Id: I144786cd4206bf273d2ffa63889af109cd2744dd CRs-Fixed: 916416
-rw-r--r--CORE/SME/src/csr/csrApiRoam.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/CORE/SME/src/csr/csrApiRoam.c b/CORE/SME/src/csr/csrApiRoam.c
index 7333a0ed4103..b421aea4e541 100644
--- a/CORE/SME/src/csr/csrApiRoam.c
+++ b/CORE/SME/src/csr/csrApiRoam.c
@@ -18491,6 +18491,9 @@ void csrRoamFTPreAuthRspProcessor( tHalHandle hHal, tpSirFTPreAuthRsp pFTPreAuth
pMac->roam.roamSession[sessionId].connectedProfile.AuthType;
pSession->ftSmeContext.addMDIE = FALSE;
+ // Done with it, init it.
+ pSession->ftSmeContext.psavedFTPreAuthRsp = NULL;
+
if (csrRoamIs11rAssoc(pMac, pFTPreAuthRsp->smeSessionId) &&
(conn_Auth_type == eCSR_AUTH_TYPE_OPEN_SYSTEM))
{
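Review bot: The reset of `psavedFTPreAuthRsp` now sits partway through csrRoamFTPreAuthRspProcessor, so any return path above this point would still leave the stale pointer for sme_FtReset to free a second time. The function starts outside the hunk, so this cannot be confirmed from here; it is worth checking that no earlier exit exists, or moving the assignment to the first point where pSession is known to be valid. The carried-over comment `// Done with it, init it.` also no longer matches the placement, since the pointer is now cleared before the response is processed rather than after. A comment such as `/* Buffer is freed by the caller as pMsg->bodyptr; drop the saved alias before any early return so sme_FtReset cannot free it again. */` would record why the ordering matters, going by the ownership described in the commit message.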
@@ -18521,9 +18524,6 @@ void csrRoamFTPreAuthRspProcessor( tHalHandle hHal, tpSirFTPreAuthRsp pFTPreAuth
pSession->ftSmeContext.addMDIE = TRUE;
}
}
-
- // Done with it, init it.
- pSession->ftSmeContext.psavedFTPreAuthRsp = NULL;
}
#endif