This properly handles the unref of client->msg in stop_discovery_complete() and the reset of it. This also handles the unref of client->msg, the reset of client->watch and the reset of client->msg in start_discovery_complete(). The following test was performed: (1) Intentionally changed the MGMT status other than MGMT_STATUS_SUCCESS in stop_discovery_complete() and start_discovery_complete() and built bluetoothd. (2) In bluetoothctl console, issued scan on/scan off to invoke StartDiscovery and verified that new discovery requests can be processed. Reviewed-by: Alain Michaud <alainm@xxxxxxxxxxxx> Reviewed-by: Sonny Sasaka <sonnysasaka@xxxxxxxxxxxx> --- src/adapter.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/adapter.c b/src/adapter.c index 76acfea70..0857a3115 100644 --- a/src/adapter.c +++ b/src/adapter.c @@ -1652,6 +1652,9 @@ fail: reply = btd_error_busy(client->msg); g_dbus_send_message(dbus_conn, reply); g_dbus_remove_watch(dbus_conn, client->watch); + client->watch = 0; + dbus_message_unref(client->msg); + client->msg = NULL; discovery_remove(client, false); return; } @@ -1926,6 +1929,8 @@ static void stop_discovery_complete(uint8_t status, uint16_t length, if (client->msg) { reply = btd_error_busy(client->msg); g_dbus_send_message(dbus_conn, reply); + dbus_message_unref(client->msg); + client->msg = NULL; } goto done; } -- 2.26.2
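Review bot: In the fail: path of the first hunk (@@ -1652), dbus_message_unref(client->msg) is added without the if (client->msg) guard that the stop_discovery_complete() hunk has around the same sequence. The context line reply = btd_error_busy(client->msg) already uses the message unguarded, so either this path is only reachable with a pending message, in which case a one-line comment saying so would help, or the reply and the unref should both sit under an if (client->msg) check. The resets of client->watch and client->msg also land immediately before discovery_remove(client, false); the commit message should state whether the client can outlive that call, since that is what makes the resets necessary rather than cosmetic.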
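Review bot: In stop_discovery_complete() (@@ -1926) the error branch now unrefs and clears client->msg but leaves client->watch untouched, while the fail: path in the other hunk calls g_dbus_remove_watch() and zeroes client->watch. If the asymmetry is intentional, the commit message should say why; if not, the watch needs the same treatment here. The reply, send, unref, set-to-NULL sequence is now duplicated across both completion callbacks, so a small static helper would keep the two error paths from drifting apart. The commit message also lists what is handled without naming the symptom; the test steps imply that new discovery requests could not be processed after a failed one, and stating that explicitly would make the fix easier to review and backport.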