diff options
author | Kausik Sinnaswamy <kausik@broadcom.com> | 2013-05-03 15:02:50 +0530 |
---|---|---|
committer | Matthew Xie <mattx@google.com> | 2013-05-05 21:44:19 -0700 |
commit | 95664a9acc57b5e51365454f26d2fac0f2e1ecd4 (patch) | |
tree | b83e52c6aabf56f643ed491e3f92e819fe243317 | |
parent | 2154e12efeec88780933d47b3c3686ff9f6fe84d (diff) | |
download | bluedroid-95664a9acc57b5e51365454f26d2fac0f2e1ecd4.tar.gz |
Fix for SDP data structure leak during pairing
During pairing, bluedroid initiates a SDP request to search services.
Upon SDP completion, some data structure buffers were not returned to
the pool resulting in leak.
Bug : 8797456
Change-Id: Ic512fd22ca6b8b748c5b92c02e24016fe785c0b1
-rw-r--r-- | btif/src/btif_dm.c | 18 |
1 files changed, 13 insertions, 5 deletions
diff --git a/btif/src/btif_dm.c b/btif/src/btif_dm.c index 5a7cccd..3854ebd 100644 --- a/btif/src/btif_dm.c +++ b/btif/src/btif_dm.c @@ -586,12 +586,20 @@ static void search_services_copy_cb(UINT16 event, char *p_dest, char *p_src) { case BTA_DM_DISC_RES_EVT: { - if ((p_src_data->disc_res.result == BTA_SUCCESS) && - (p_src_data->disc_res.num_uuids > 0)) + if (p_src_data->disc_res.result == BTA_SUCCESS) { - p_dest_data->disc_res.p_uuid_list = (UINT8*)(p_dest + sizeof(tBTA_DM_SEARCH)); - memcpy(p_dest_data->disc_res.p_uuid_list, p_src_data->disc_res.p_uuid_list, - p_src_data->disc_res.num_uuids*MAX_UUID_SIZE); + if (p_src_data->disc_res.num_uuids > 0) + { + p_dest_data->disc_res.p_uuid_list = + (UINT8*)(p_dest + sizeof(tBTA_DM_SEARCH)); + memcpy(p_dest_data->disc_res.p_uuid_list, p_src_data->disc_res.p_uuid_list, + p_src_data->disc_res.num_uuids*MAX_UUID_SIZE); + GKI_freebuf(p_src_data->disc_res.p_uuid_list); + } + if (p_src_data->disc_res.p_raw_data != NULL) + { + GKI_freebuf(p_src_data->disc_res.p_raw_data); + } } } break; } |