Halaman utama Jelajahi Bantuan
Masuk
samsung-sm8650
/
android_kernel_samsung_sm8650-modules
2
0
Fork 0
Berkas Masalah 0 Permintaan Tarik 0 Wiki
Jelajahi Sumber

qcacld-3.0: Fix double free memory in sme_power_save.c

In sme_ps_enter_wowl_req_params() and sme_ps_exit_wowl_req_params(),
if call to sme_post_ps_msg_to_wma() fails, both caller and callee
frees the message buffer causing double free of memory.

Do not free the memory again in caller function if
sme_post_ps_msg_to_wma returns error.

Change-Id: I92bab9477a07016c44f099e4286178c9d5487a4c
CRs-Fixed: 1076087
Ankit Gupta 8 tahun lalu
induk
bf70d020dc
melakukan
72a1c609af
1 mengubah file dengan 5 tambahan dan 5 penghapusan
Tampilan Split Tampilkan Statistik Diff
  1. 5 5
      core/sme/src/common/sme_power_save.c

+ 5 - 5
core/sme/src/common/sme_power_save.c
Tampilan Berkas 

@@ -394,8 +394,9 @@ static QDF_STATUS sme_ps_enter_wowl_req_params(tpAniSirGlobal mac_ctx,
 
 		QDF_TRACE(QDF_MODULE_ID_SME, QDF_TRACE_LEVEL_INFO,
 
 			FL("Msg WMA_WOWL_ENTER_REQ Successfully sent to WMA"));
 
 		return QDF_STATUS_SUCCESS;
 
-	} else
 
-		goto end;
 
+	} else {
 
+		return QDF_STATUS_E_FAILURE;
 
+	}
 
 
 end:
 
 	if (hal_wowl_params != NULL)
 
@@ -429,10 +430,9 @@ static QDF_STATUS sme_ps_exit_wowl_req_params(tpAniSirGlobal mac_ctx,
 
 		QDF_TRACE(QDF_MODULE_ID_SME, QDF_TRACE_LEVEL_INFO,
 
 			FL("Msg WMA_WOWL_EXIT_REQ Successfully sent to WMA"));
 
 		return QDF_STATUS_SUCCESS;
 
+	} else {
 
+		return QDF_STATUS_E_FAILURE;
 
 	}
 
-	if (hal_wowl_msg != NULL)
 
-		qdf_mem_free(hal_wowl_msg);
 
-	return QDF_STATUS_E_FAILURE;
 
 }
 
 
 /**