a2dp: Fix crash on discover_cb

There have been reports of crashes on discover_cb where the setup
would most likely already have been freed but discover_cb would still
be called, so instead of assuming the setup pointer would be valid try
to lookup the list of active setups and log a warning when it happens.

Change-Id: Icca1608c48be43174492d69204c8d31b158a99df
Signed-off-by: Wootak Jung <wootak.jung@samsung.com>

diff --git a/profiles/audio/a2dp.c b/profiles/audio/a2dp.c
index 529a0a8..93d0460 100644 (file)
--- a/profiles/audio/a2dp.c
+++ b/profiles/audio/a2dp.c
@@ -2880,6 +2880,13 @@ static void discover_cb(struct avdtp *session, GSList *seps,
 
        DBG("version 0x%04x err %p", version, err);
 
+#ifdef TIZEN_FEATURE_BLUEZ_MODIFY
+       if (!g_slist_find(setups, setup)) {
+               warn("setup %p no longer valid", setup);
+               return;
+       }
+#endif
+
        setup->seps = seps;
        setup->err = err;