diff options
| author | gaurank kathpalia <gkathpal@codeaurora.org> | 2017-12-18 23:34:23 +0530 |
|---|---|---|
| committer | snandini <snandini@codeaurora.org> | 2017-12-20 00:34:56 -0800 |
| commit | 14fcc7cd8fcd216f5f0f9ce05ed0dd4476224f89 (patch) | |
| tree | 6dae30bf6fa1fead384eade9dd1299ee9093d620 | |
| parent | 51eb26cbfae4e87a082d6f152accdba94be55aa1 (diff) | |
qcacld-3.0: Fix memory leak issue of ch_list in sap_get_channel_list
In the api sap_get_channel_list, list is allocated memory to store the
channel list to be sent for scan request. This api is called by
sap_goto_channel_sel which initializes scan_request.ChannelInfo.ChannelList
to channel_list, without any prior NULL check of channel_list.
Also in scan callback wlansap_scan_callback, if the state machine structure
is in disconnected state , the host returns without freeing the memory
allocated to the channel list in sap_ctx .
Fix is to free the memory allocated to the channel list
and make the sap_ctx->channellist, sap_ctx->num_of_channel
as NULL and zero respectively in both the instances .
Change-Id: Ia54287d6e77e206c717bd3c205ebe57510ea801c
CRs-Fixed: 2159489
| -rw-r--r-- | core/sap/src/sap_api_link_cntl.c | 5 | ||||
| -rw-r--r-- | core/sap/src/sap_fsm.c | 5 |
2 files changed, 10 insertions, 0 deletions
diff --git a/core/sap/src/sap_api_link_cntl.c b/core/sap/src/sap_api_link_cntl.c index 90610a07409b..0610dd593a75 100644 --- a/core/sap/src/sap_api_link_cntl.c +++ b/core/sap/src/sap_api_link_cntl.c @@ -118,6 +118,11 @@ QDF_STATUS wlansap_scan_callback(tHalHandle hal_handle, if (sap_ctx->sapsMachine == eSAP_DISCONNECTED) { QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_WARN, "In %s BSS already stopped", __func__); + if (sap_ctx->channelList != NULL) { + qdf_mem_free(sap_ctx->channelList); + sap_ctx->channelList = NULL; + sap_ctx->num_of_channel = 0; + } return QDF_STATUS_E_FAILURE; } diff --git a/core/sap/src/sap_fsm.c b/core/sap/src/sap_fsm.c index 6157cda3d4b3..0258bb8241bc 100644 --- a/core/sap/src/sap_fsm.c +++ b/core/sap/src/sap_fsm.c @@ -2457,6 +2457,11 @@ QDF_STATUS sap_goto_channel_sel(ptSapContext sap_context, scan_request.requestType = eCSR_SCAN_SOFTAP_CHANNEL_RANGE; + if (sap_context->channelList) { + qdf_mem_free(sap_context->channelList); + sap_context->channelList = NULL; + sap_context->num_of_channel = 0; + } sap_context->channelList = channel_list; sap_context->num_of_channel = num_of_channels; |
