Loading system/bta/hl/bta_hl_main.cc +1 −4 Original line number Original line Diff line number Diff line Loading @@ -1404,14 +1404,13 @@ static void bta_hl_sdp_query_results(UNUSED_ATTR tBTA_HL_CB* p_cb, tBTA_HL_MCL_CB* p_mcb = BTA_HL_GET_MCL_CB_PTR(app_idx, mcl_idx); tBTA_HL_MCL_CB* p_mcb = BTA_HL_GET_MCL_CB_PTR(app_idx, mcl_idx); tBTA_HL_SDP* p_sdp = NULL; tBTA_HL_SDP* p_sdp = NULL; uint16_t event; uint16_t event; bool release_sdp_buf = false; event = p_data->hdr.event; event = p_data->hdr.event; if (event == BTA_HL_SDP_QUERY_OK_EVT) { if (event == BTA_HL_SDP_QUERY_OK_EVT) { // this is freed in btif_hl_proc_sdp_query_cfm p_sdp = (tBTA_HL_SDP*)osi_malloc(sizeof(tBTA_HL_SDP)); p_sdp = (tBTA_HL_SDP*)osi_malloc(sizeof(tBTA_HL_SDP)); memcpy(p_sdp, &p_mcb->sdp, sizeof(tBTA_HL_SDP)); memcpy(p_sdp, &p_mcb->sdp, sizeof(tBTA_HL_SDP)); release_sdp_buf = true; } else { } else { status = BTA_HL_STATUS_SDP_FAIL; status = BTA_HL_STATUS_SDP_FAIL; } } Loading @@ -1430,8 +1429,6 @@ static void bta_hl_sdp_query_results(UNUSED_ATTR tBTA_HL_CB* p_cb, p_mcb->bd_addr, p_sdp, status); p_mcb->bd_addr, p_sdp, status); p_acb->p_cback(BTA_HL_SDP_QUERY_CFM_EVT, (tBTA_HL*)&evt_data); p_acb->p_cback(BTA_HL_SDP_QUERY_CFM_EVT, (tBTA_HL*)&evt_data); if (release_sdp_buf) osi_free_and_reset((void**)&p_sdp); if (p_data->cch_sdp.release_mcl_cb) { if (p_data->cch_sdp.release_mcl_cb) { memset(p_mcb, 0, sizeof(tBTA_HL_MCL_CB)); memset(p_mcb, 0, sizeof(tBTA_HL_MCL_CB)); } else { } else { Loading system/btif/src/btif_hl.cc +4 −0 Original line number Original line Diff line number Diff line Loading @@ -2172,6 +2172,10 @@ static bool btif_hl_proc_sdp_query_cfm(tBTA_HL* p_data) { } } } } } } // this was allocated in bta_hl_sdp_query_results osi_free_and_reset((void**)&p_data->sdp_query_cfm.p_sdp); return status; return status; } } Loading Loading
system/bta/hl/bta_hl_main.cc +1 −4 Original line number Original line Diff line number Diff line Loading @@ -1404,14 +1404,13 @@ static void bta_hl_sdp_query_results(UNUSED_ATTR tBTA_HL_CB* p_cb, tBTA_HL_MCL_CB* p_mcb = BTA_HL_GET_MCL_CB_PTR(app_idx, mcl_idx); tBTA_HL_MCL_CB* p_mcb = BTA_HL_GET_MCL_CB_PTR(app_idx, mcl_idx); tBTA_HL_SDP* p_sdp = NULL; tBTA_HL_SDP* p_sdp = NULL; uint16_t event; uint16_t event; bool release_sdp_buf = false; event = p_data->hdr.event; event = p_data->hdr.event; if (event == BTA_HL_SDP_QUERY_OK_EVT) { if (event == BTA_HL_SDP_QUERY_OK_EVT) { // this is freed in btif_hl_proc_sdp_query_cfm p_sdp = (tBTA_HL_SDP*)osi_malloc(sizeof(tBTA_HL_SDP)); p_sdp = (tBTA_HL_SDP*)osi_malloc(sizeof(tBTA_HL_SDP)); memcpy(p_sdp, &p_mcb->sdp, sizeof(tBTA_HL_SDP)); memcpy(p_sdp, &p_mcb->sdp, sizeof(tBTA_HL_SDP)); release_sdp_buf = true; } else { } else { status = BTA_HL_STATUS_SDP_FAIL; status = BTA_HL_STATUS_SDP_FAIL; } } Loading @@ -1430,8 +1429,6 @@ static void bta_hl_sdp_query_results(UNUSED_ATTR tBTA_HL_CB* p_cb, p_mcb->bd_addr, p_sdp, status); p_mcb->bd_addr, p_sdp, status); p_acb->p_cback(BTA_HL_SDP_QUERY_CFM_EVT, (tBTA_HL*)&evt_data); p_acb->p_cback(BTA_HL_SDP_QUERY_CFM_EVT, (tBTA_HL*)&evt_data); if (release_sdp_buf) osi_free_and_reset((void**)&p_sdp); if (p_data->cch_sdp.release_mcl_cb) { if (p_data->cch_sdp.release_mcl_cb) { memset(p_mcb, 0, sizeof(tBTA_HL_MCL_CB)); memset(p_mcb, 0, sizeof(tBTA_HL_MCL_CB)); } else { } else { Loading
system/btif/src/btif_hl.cc +4 −0 Original line number Original line Diff line number Diff line Loading @@ -2172,6 +2172,10 @@ static bool btif_hl_proc_sdp_query_cfm(tBTA_HL* p_data) { } } } } } } // this was allocated in bta_hl_sdp_query_results osi_free_and_reset((void**)&p_data->sdp_query_cfm.p_sdp); return status; return status; } } Loading
