Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit d400de63 authored by Paul Zhang's avatar Paul Zhang Committed by Ravindra Konda
Browse files

qcacmn: Fix use-after-free issue in util_scan_parse_mbssid 

In some scenario, mbssid_info->prof_residue could be set to
true, hence mbssid_info->split_prof_continue will also be
set to true. Then for the next loop if buffer split_prof_start
is freed but split_prof_end does not reinitialize to NULL,
then use-after-free happens.

To address this issue, reinitialize split_prof_end properly
when split_prof_start is freed.

Change-Id: Iad7448868cfa4c2dd7922f6c1b2622cf20a6a28c
CRs-Fixed: 3583521
parent 05fbfac2
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment