libdvbv5: fix a nasty to track double-free bug

When the entries from a channel file have a name on it, and
a new transponder is added, the code at dvb_scan_add_entry()
would be copying the channel names at the new entries,
and the dvb_file_free() would be trying to free the memory.

Also, the new entry would be polluted by the values that got
filled already from a previous entry.

So, create a fresh entry with just the tunning part of the
entry.

Signed-off-by: Mauro Carvalho Chehab <m.chehab@samsung.com>

diff --git a/lib/libdvbv5/dvb-scan.c b/lib/libdvbv5/dvb-scan.c
index d22c1d3..4a8bd66 100644 (file)
--- a/lib/libdvbv5/dvb-scan.c
+++ b/lib/libdvbv5/dvb-scan.c
@@ -729,9 +729,18 @@ struct dvb_entry *dvb_scan_add_entry(struct dvb_v5_fe_parms *__p,
                return NULL;
        }
 
-       printf("Sizeof a full entry=%d, size of props=%d\n", sizeof(entry), sizeof(entry->props));
+       /*
+        * We can't just copy the entire entry struct, as some strings
+        * like lnb, channel, vchannel will be freed multiple times.
+        * So, copy the props and the Satellite parameters only.
+        */
        memcpy(new_entry->props, entry->props, sizeof(entry->props));
-       new_entry->n_props = entry->props;
+       new_entry->n_props = entry->n_props;
+       new_entry->sat_number = entry->sat_number;
+       new_entry->freq_bpf = entry->freq_bpf;
+       new_entry->diseqc_wait = entry->diseqc_wait;
+       if (entry->lnb)
+               new_entry->lnb = strdup(entry->lnb);
 
        /*
         * The frequency should change to the new one. Seek for it and