From e4a628f2d6fd22dc6fa51b877ab32db81f9aac38 Mon Sep 17 00:00:00 2001
From: gaurank kathpalia
Date: Tue, 12 Jun 2018 12:01:50 +0530
Subject: [PATCH] qcacld-3.0: Free channel-list memory from Sap_context
The driver allocates memory to channelist in the API sap_get_channel_list, and stores the pointer to channel list in sap_context, and frees the memory allocated for the same in scan request callback. But it may happen that before the callback, stop adapter calls wlansap_context_put and frees the memory allocated to sap context, without the mem free of channellist, which results in a mem leak Fix is to add a NULL check to sap context and free the memory allocated to the sap context channel list in sap_cleanup_channel_list.
Change-Id: I7030ca8325ae4c968db654bf14062e332f409b87
CRs-Fixed: 2254767
---
 core/sap/src/sap_module.c | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/core/sap/src/sap_module.c b/core/sap/src/sap_module.c
index 57c131a477..f617582803 100644
--- a/core/sap/src/sap_module.c
+++ b/core/sap/src/sap_module.c
@@ -228,6 +228,11 @@ void wlansap_context_put(struct sap_context *ctx)
 for (i = 0; i < SAP_MAX_NUM_SESSION; i++) {
 if (gp_sap_ctx[i] == ctx) {
 if (qdf_atomic_dec_and_test(&sap_ctx_ref_count[i])) {
+ if (ctx->channelList) {
+ qdf_mem_free(ctx->channelList);
+ ctx->channelList = NULL;
+ ctx->num_of_channel = 0;
+ }
 qdf_mem_free(ctx);
 gp_sap_ctx[i] = NULL;
 QDF_TRACE(QDF_MODULE_ID_SAP,
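Review bot: The free of `ctx->channelList` added inside the `qdf_atomic_dec_and_test()` branch gives the list a second release site beside the scan-request callback named in the description, and nothing in the hunk shows what serialises the two. If that callback can still run after the final put, it would dereference a freed `ctx`, and clearing `channelList` and `num_of_channel` immediately before `qdf_mem_free(ctx)` cannot guard against that; the callback presumably has to hold its own reference on the context, which should be confirmed. The description also says the free goes in `sap_cleanup_channel_list`, yet the hunk open-codes it here, so either call that helper if it is usable from this path or add a comment such as `/* scan callback may not have run yet; release the channel list it would have freed */`. `wlansap_context_put` starts before and continues past the hunk, so any locking around this loop is not visible.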