Fix heap-use-after-free

In case of below scenario, da_info is freed immediately after cancel
request.

[client request thread]      [http thread]
1. download start
                           2. network doesn't work temporary
                           3. wait for auto retry (pthread_cond_timedwait(cond_http))
4. request cancel
                           5. pthread_cond_signal(cond_http)
                           6. free da_info
7. access to da_info for
   debugging message
   (fault)

Change-Id: Iaf0c50248fa350183c2915ecd40bea99d6c25138

diff --git a/agent/download-agent-dl-mgr.c b/agent/download-agent-dl-mgr.c
index 2da7d99..810e56a 100755 (executable)
--- a/agent/download-agent-dl-mgr.c
+++ b/agent/download-agent-dl-mgr.c
@@ -119,7 +119,7 @@ da_ret_t cancel_download(int dl_id, da_bool_t is_enable_cb)
        ret = request_to_cancel_http_download(da_info);
        if (ret != DA_RESULT_OK)
                goto ERR;
-       DA_LOGI("Download cancel Successful for download id[%d]", da_info->da_id);
+       DA_LOGI("Download cancel Successful for download id[%d]", dl_id);
 
 ERR:
        return ret;

diff --git a/packaging/download-provider.spec b/packaging/download-provider.spec
index 762736a..992ed63 100755 (executable)
--- a/packaging/download-provider.spec
+++ b/packaging/download-provider.spec
@@ -1,6 +1,6 @@
 Name:       download-provider
 Summary:    Download the contents in background
-Version:    2.1.115
+Version:    2.1.116
 Release:    0
 Group:      Development/Libraries
 License:    Apache-2.0