summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorgaurank kathpalia <gkathpal@codeaurora.org>2017-12-18 23:34:23 +0530
committersnandini <snandini@codeaurora.org>2017-12-20 00:34:56 -0800
commit14fcc7cd8fcd216f5f0f9ce05ed0dd4476224f89 (patch)
tree6dae30bf6fa1fead384eade9dd1299ee9093d620
parent51eb26cbfae4e87a082d6f152accdba94be55aa1 (diff)
qcacld-3.0: Fix memory leak issue of ch_list in sap_get_channel_list
In the api sap_get_channel_list, list is allocated memory to store the channel list to be sent for scan request. This api is called by sap_goto_channel_sel which initializes scan_request.ChannelInfo.ChannelList to channel_list, without any prior NULL check of channel_list. Also in scan callback wlansap_scan_callback, if the state machine structure is in disconnected state , the host returns without freeing the memory allocated to the channel list in sap_ctx . Fix is to free the memory allocated to the channel list and make the sap_ctx->channellist, sap_ctx->num_of_channel as NULL and zero respectively in both the instances . Change-Id: Ia54287d6e77e206c717bd3c205ebe57510ea801c CRs-Fixed: 2159489
-rw-r--r--core/sap/src/sap_api_link_cntl.c5
-rw-r--r--core/sap/src/sap_fsm.c5
2 files changed, 10 insertions, 0 deletions
diff --git a/core/sap/src/sap_api_link_cntl.c b/core/sap/src/sap_api_link_cntl.c
index 90610a07409b..0610dd593a75 100644
--- a/core/sap/src/sap_api_link_cntl.c
+++ b/core/sap/src/sap_api_link_cntl.c
@@ -118,6 +118,11 @@ QDF_STATUS wlansap_scan_callback(tHalHandle hal_handle,
if (sap_ctx->sapsMachine == eSAP_DISCONNECTED) {
QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_WARN,
"In %s BSS already stopped", __func__);
+ if (sap_ctx->channelList != NULL) {
+ qdf_mem_free(sap_ctx->channelList);
+ sap_ctx->channelList = NULL;
+ sap_ctx->num_of_channel = 0;
+ }
return QDF_STATUS_E_FAILURE;
}
diff --git a/core/sap/src/sap_fsm.c b/core/sap/src/sap_fsm.c
index 6157cda3d4b3..0258bb8241bc 100644
--- a/core/sap/src/sap_fsm.c
+++ b/core/sap/src/sap_fsm.c
@@ -2457,6 +2457,11 @@ QDF_STATUS sap_goto_channel_sel(ptSapContext sap_context,
scan_request.requestType =
eCSR_SCAN_SOFTAP_CHANNEL_RANGE;
+ if (sap_context->channelList) {
+ qdf_mem_free(sap_context->channelList);
+ sap_context->channelList = NULL;
+ sap_context->num_of_channel = 0;
+ }
sap_context->channelList = channel_list;
sap_context->num_of_channel = num_of_channels;