qcacld-3.0: prevent double free of ft pre auth response

Propagation qcacld-2.0 to qcacld-3.0 while processing ft pre auth response, if memory allocation fails then host is not setting psavedFTPreAuthRsp to null. Later sme is freeing same memory as freeing pMsg->bodyptr. Hence on next disconnect, sme_FtReset try to free psavedFTPreAuthRsp which is already free. As a part of this fix, host ensure to set psavedFTPreAuthRsp Null in all cases. Change-Id: I144786cd4206bf273d2ffa63889af109cd2744dd CRs-Fixed: 916416
2015-10-23 14:03:14 +05:30
Parent 1bdb157ba5
--- a/core/sme/src/csr/csr_api_roam.c
+++ b/core/sme/src/csr/csr_api_roam.c
@@ -17959,6 +17959,10 @@ void csr_roam_ft_pre_auth_rsp_processor(tHalHandle hHal,
 		pMac->roam.roamSession[sessionId].connectedProfile.AuthType;

 	pSession->ftSmeContext.addMDIE = false;
+
+	/* Done with it, init it. */
+	pSession->ftSmeContext.psavedFTPreAuthRsp = NULL;
+
 	if (csr_roam_is11r_assoc(pMac, pFTPreAuthRsp->smeSessionId) &&
 	    (conn_Auth_type == eCSR_AUTH_TYPE_OPEN_SYSTEM)) {
 		uint16_t ft_ies_length;
@@ -17991,8 +17995,6 @@ void csr_roam_ft_pre_auth_rsp_processor(tHalHandle hHal,
 			pSession->ftSmeContext.addMDIE = true;
 		}
 	}
-	/* Done with it, init it. */
-	pSession->ftSmeContext.psavedFTPreAuthRsp = NULL;
 }
 #endif