[PATCH 2/2] android/a2dp: Fix freeing preset on SEP close

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

In case SEP was opened from local side, corresponding a2dp_setup
structure has just reference to a2dp_preset which is stored on presets
list. As a result, when closing SEP such preset will be freed leaving
dangling pointer on presets list.

This patch duplicates a2dp_preset in such case so it can be freed
safely.
---
 android/a2dp.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/android/a2dp.c b/android/a2dp.c
index 145cd67..63629a0 100644
--- a/android/a2dp.c
+++ b/android/a2dp.c
@@ -266,6 +266,7 @@ static int select_configuration(struct a2dp_device *dev,
 				struct avdtp_remote_sep *rsep)
 {
 	struct a2dp_preset *preset;
+	struct a2dp_preset *preset_dup;
 	struct avdtp_stream *stream;
 	struct avdtp_service_capability *service;
 	struct avdtp_media_codec_capability *codec;
@@ -298,7 +299,11 @@ static int select_configuration(struct a2dp_device *dev,
 		return err;
 	}
 
-	setup_add(dev, endpoint, preset, stream);
+	preset_dup = g_new0(struct a2dp_preset, 1);
+	preset_dup->len = preset->len;
+	preset_dup->data = g_memdup(preset->data, preset->len);
+
+	setup_add(dev, endpoint, preset_dup, stream);
 
 	return 0;
 }
-- 
1.8.5.2

--
To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Bluez Devel]     [Linux Wireless Networking]     [Linux Wireless Personal Area Networking]     [Linux ATH6KL]     [Linux USB Devel]     [Linux Media Drivers]     [Linux Audio Users]     [Linux Kernel]     [Linux SCSI]     [Big List of Linux Books]

  Powered by Linux