diff options
| author | Skylar Chang <chiaweic@codeaurora.org> | 2017-03-31 01:24:55 -0700 |
|---|---|---|
| committer | Gerrit - the friendly Code Review server <code-review@localhost> | 2017-05-01 13:22:30 -0700 |
| commit | e6a8f7d61ac3fc64918ca9ca71a9b83f8a3afed9 (patch) | |
| tree | bf16ee505dc261fb832e6563ea3de6378edab2c7 /ipacm/src/IPACM_Netlink.cpp | |
| parent | c15f586dda4891c4831e5862783d2350b5846c8b (diff) | |
| download | ipacfg-mgr-e6a8f7d61ac3fc64918ca9ca71a9b83f8a3afed9.tar.gz | |
ipacm: fix the heap-use-after-free issue on bootup
On device bootup, ASAN was reported IPACM has the
heap-use-after-free issue on IPACM_Netlink.cpp file
when bootup. The fix is to move the debug prints
before the events are getting posted and processed.
Change-Id: Id0a1b4e85d2d3fb027729ff6e98e25d26a9e638a
Diffstat (limited to 'ipacm/src/IPACM_Netlink.cpp')
| -rw-r--r-- | ipacm/src/IPACM_Netlink.cpp | 32 |
1 files changed, 16 insertions, 16 deletions
diff --git a/ipacm/src/IPACM_Netlink.cpp b/ipacm/src/IPACM_Netlink.cpp index 30295b1..186e196 100644 --- a/ipacm/src/IPACM_Netlink.cpp +++ b/ipacm/src/IPACM_Netlink.cpp @@ -689,12 +689,12 @@ static int ipa_nl_decode_nlmsg /* Add IPACM support for ECM plug-in/plug_out */ /*-------------------------------------------------------------------------- - Check if the interface is running.If its a RTM_NEWLINK and the interface - is running then it means that its a link up event - ---------------------------------------------------------------------------*/ - if((msg_ptr->nl_link_info.metainfo.ifi_flags & IFF_RUNNING) && - (msg_ptr->nl_link_info.metainfo.ifi_flags & IFF_LOWER_UP)) - { + Check if the interface is running.If its a RTM_NEWLINK and the interface + is running then it means that its a link up event + ---------------------------------------------------------------------------*/ + if((msg_ptr->nl_link_info.metainfo.ifi_flags & IFF_RUNNING) && + (msg_ptr->nl_link_info.metainfo.ifi_flags & IFF_LOWER_UP)) + { data_fid = (ipacm_event_data_fid *)malloc(sizeof(ipacm_event_data_fid)); if(data_fid == NULL) @@ -712,17 +712,17 @@ static int ipa_nl_decode_nlmsg } IPACMDBG("Got a usb link_up event (Interface %s, %d) \n", dev_name, msg_ptr->nl_link_info.metainfo.ifi_index); - /*-------------------------------------------------------------------------- - Post LAN iface (ECM) link up event - ---------------------------------------------------------------------------*/ - evt_data.event = IPA_USB_LINK_UP_EVENT; + /*-------------------------------------------------------------------------- + Post LAN iface (ECM) link up event + ---------------------------------------------------------------------------*/ + evt_data.event = IPA_USB_LINK_UP_EVENT; evt_data.evt_data = data_fid; - IPACM_EvtDispatcher::PostEvt(&evt_data); IPACMDBG_H("Posting usb IPA_LINK_UP_EVENT with if index: %d\n", data_fid->if_index); - } - else if(!(msg_ptr->nl_link_info.metainfo.ifi_flags & IFF_LOWER_UP)) - { + IPACM_EvtDispatcher::PostEvt(&evt_data); + } + else if (!(msg_ptr->nl_link_info.metainfo.ifi_flags & IFF_LOWER_UP)) + { data_fid = (ipacm_event_data_fid *)malloc(sizeof(ipacm_event_data_fid)); if(data_fid == NULL) { @@ -744,10 +744,10 @@ static int ipa_nl_decode_nlmsg ---------------------------------------------------------------------------*/ evt_data.event = IPA_LINK_DOWN_EVENT; evt_data.evt_data = data_fid; - IPACM_EvtDispatcher::PostEvt(&evt_data); IPACMDBG_H("Posting usb IPA_LINK_DOWN_EVENT with if index: %d\n", data_fid->if_index); - } + IPACM_EvtDispatcher::PostEvt(&evt_data); + } } break; |