Commit 820ccaab authored Sep 01, 2022 by Balaji Pothunoori Committed by Madan Koyyalamudi Sep 07, 2022

qcacld-3.0: Avoid double free in sch_gen_timing_advert_frame

In sch_gen_timing_advert_frame, the memory allocated for buffer
timing_advert->template_value is freed but not reset to NULL.
This creates a dangling pointer, and it is freed again inside
__wlan_hdd_cfg80211_ocb_start_timing_advert.

To avoid this issue, reset the pointer to buffer
timing_advert->template_value to NULL before returning from
sch_gen_timing_advert_frame.

Change-Id: I2445c53f217d0fd22cbe3026b0869284fe13b851
CRs-Fixed: 3229906

parent 71bdd17b

Hide whitespace changes

Inline Side-by-side

Please register or to comment