Don't free memory that shouldn't be freed.

In case of NFC_ERROR_CEVT, p_data is just
a pointer to an uint8_t, and doesn't contain
data that needs to be freed. Note that there's
a fall-through from NFC_DATA_CEVT above which
warrants further investigation, but for
now this is the safe fix.

Bug: 25489121
Change-Id: Ibab5b42ca9defca04b2310c8d9a441c89f0f722d

2 files changed, 0 insertions, 13 deletions

diff --git a/src/nfc/tags/rw_t1t.c b/src/nfc/tags/rw_t1t.c
index a7a8001..e7d373e 100644
--- a/src/nfc/tags/rw_t1t.c
+++ b/src/nfc/tags/rw_t1t.c
@@ -295,12 +295,6 @@ void rw_t1t_conn_cback (UINT8 conn_id, tNFC_CONN_EVT event, tNFC_CONN *p_data)
         {
             rw_t1t_process_error ();
         }
-        if((p_data != NULL) && (p_data->data.p_data != NULL))
-        {
-            /* Free the response buffer in case of invalid response*/
-            GKI_freebuf((BT_HDR *) (p_data->data.p_data));
-            p_data->data.p_data = NULL;
-        }
         break;
 
     default:
diff --git a/src/nfc/tags/rw_t2t.c b/src/nfc/tags/rw_t2t.c
index e6f5b5b..de2de64 100644
--- a/src/nfc/tags/rw_t2t.c
+++ b/src/nfc/tags/rw_t2t.c
@@ -346,13 +346,6 @@ void rw_t2t_conn_cback (UINT8 conn_id, tNFC_CONN_EVT event, tNFC_CONN *p_data)
         {
             rw_t2t_process_error ();
         }
-        /* Free the response buffer in case of invalid response*/
-        if((p_data != NULL) && (p_data->data.p_data != NULL))
-        {
-            /* Free the response buffer in case of invalid response*/
-            GKI_freebuf((BT_HDR *) (p_data->data.p_data));
-            p_data->data.p_data = NULL;
-        }
         break;
 
     default: