Hi Alfonso, On Mon, Oct 13, 2014, Alfonso Acosta wrote: > + case EIR_MANUFACTURER_DATA: > + if (data_len < 2 || data_len > 2 + sizeof(eir->msd->data)) > + break; > + eir->msd = g_malloc(sizeof(*eir->msd)); > + eir->msd->company = get_le16(data); > + eir->msd->data_len = data_len - 2; > + memcpy(&eir->msd->data, data + 2, eir->msd->data_len); > + break; Wouldn't this lead to a memory leaks if a device (violating the spec. but still) had two or more manufacturer data entries in it's AD/EIR data? Taking example from how remote name entries are handled you should probably g_free(eir->msd) before allocating a new one. Johan -- To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
