Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit f9d4e6ed authored by Yeshwanth Sriram Guntuka's avatar Yeshwanth Sriram Guntuka
Browse files

qcacmn: Fix potential double free in send_log_supported_evt_cmd_tlv 

In send_log_supported_evt_cmd_tlv, events_logs_list in
wma handle is freed if previously allocated. If the
num_of_diag_events_logs exceeds the max size, we exit
from the function early without allocating memory for
events_logs_list. This can result in potential double
free scenario if we receive another DIAG_EVENT_LOG_SUPPORTED
event from firmware.

Fix is to set events_logs_list pointer to NULL after
freeing memory.

Change-Id: I9d6148dfc064d87e2947d1b5ec4492c08913dd4c
CRs-Fixed: 2433802
parent 382e54f1
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment