device: Fix crash when removing device

Calling btd_adapter_remove_device from device_remove_connection can
cause a crash, so instead of removing it immediatelly this set a the
temporary timeout to 0.

Fixes: https://github.com/bluez/bluez/issues/290
Signed-off-by: Manika Shrivastava <manika.sh@samsung.com>
Signed-off-by: Ayush Garg <ayush.garg@samsung.com>

diff --git a/src/device.c b/src/device.c
index 6e80c8c..276bbcc 100644 (file)
--- a/src/device.c
+++ b/src/device.c
@@ -5628,6 +5628,35 @@ void device_add_connection(struct btd_device *dev, uint8_t bdaddr_type)
 #endif
 }
 
+static bool device_disappeared(gpointer user_data)
+{
+       struct btd_device *dev = user_data;
+
+#ifdef TIZEN_FEATURE_BLUEZ_MODIFY
+       if (dev->le_state.connected) {
+               DBG("GATT connection exists, don't remove the device");
+               return FALSE;
+       }
+#endif
+
+       dev->temporary_timer = 0;
+
+       btd_adapter_remove_device(dev->adapter, dev);
+
+       return FALSE;
+}
+
+static void set_temporary_timer(struct btd_device *dev, unsigned int timeout)
+{
+       clear_temporary_timer(dev);
+
+       if (!timeout)
+               return;
+
+       dev->temporary_timer = timeout_add_seconds(timeout, device_disappeared,
+                                                               dev, NULL);
+}
+
 void device_remove_connection(struct btd_device *device, uint8_t bdaddr_type)
 {
        struct bearer_state *state = get_state(device, bdaddr_type);
@@ -7209,35 +7238,6 @@ void device_set_le_support(struct btd_device *device, uint8_t bdaddr_type)
        store_device_info(device);
 }
 
-static bool device_disappeared(gpointer user_data)
-{
-       struct btd_device *dev = user_data;
-
-#ifdef TIZEN_FEATURE_BLUEZ_MODIFY
-       if (dev->le_state.connected) {
-               DBG("GATT connection exists, don't remove the device");
-               return FALSE;
-       }
-#endif
-
-       dev->temporary_timer = 0;
-
-       btd_adapter_remove_device(dev->adapter, dev);
-
-       return FALSE;
-}
-
-static void set_temporary_timer(struct btd_device *dev, unsigned int timeout)
-{
-       clear_temporary_timer(dev);
-
-       if (!timeout)
-               return;
-
-       dev->temporary_timer = timeout_add_seconds(timeout, device_disappeared,
-                                                               dev, NULL);
-}
-
 void device_update_last_seen(struct btd_device *device, uint8_t bdaddr_type)
 {
        if (bdaddr_type == BDADDR_BREDR)