Fix wrong memory references and leaks

Issues was reported by a static analyzer.

Change-Id: I83a8f7f481099a3f0fb8ea6be41f4134a10eba34
Signed-off-by: Semun Lee <semun.lee@samsung.com>

diff --git a/bt-api/bt-gatt-client.c b/bt-api/bt-gatt-client.c
index 52ea99e..ca6709d 100644 (file)
--- a/bt-api/bt-gatt-client.c
+++ b/bt-api/bt-gatt-client.c
@@ -2609,21 +2609,17 @@ BT_EXPORT_API int bluetooth_gatt_client_write_characteristic_value_by_type(
                        mtu =  g_array_index(out_param, int, 0);
 
                        if (result != BLUETOOTH_ERROR_NONE) {
-                                       BT_ERR("Fail to get Write FD. result %d", result);
-                                       BT_FREE_PARAMS(in_param1, in_param2, in_param3, in_param4, out_param);
-                                       return result;
+                               BT_ERR("Fail to get Write FD. result %d", result);
+                               BT_FREE_PARAMS(in_param1, in_param2, in_param3, in_param4, out_param);
+                               return result;
                        } else if (NULL == out_fd_list) {
                                BT_ERR("out_fd_list is NULL");
+                               BT_FREE_PARAMS(in_param1, in_param2, in_param3, in_param4, out_param);
                                return BLUETOOTH_ERROR_INTERNAL;
                        } else {
                                int *fd_list_array;
                                int len = 0;
 
-                               if (!out_fd_list) {
-                                       BT_FREE_PARAMS(in_param1, in_param2, in_param3, in_param4, out_param);
-                                       return BLUETOOTH_ERROR_INTERNAL;
-                               }
-
                                fd_list_array = g_unix_fd_list_steal_fds(out_fd_list, &len);
                                fd = fd_list_array[0];
 

diff --git a/bt-oal/oal-hf-client.c b/bt-oal/oal-hf-client.c
index 46f3faf..05dc62c 100644 (file)
--- a/bt-oal/oal-hf-client.c
+++ b/bt-oal/oal-hf-client.c
@@ -172,16 +172,19 @@ void cb_hf_client_connection_state(bthf_client_connection_state_t state, unsigne
        int event_type;
        bdstr_t bdstr;
        bt_address_t * event_data = NULL;
-       event_data = g_new0(bt_address_t, 1);
-       memcpy(event_data->addr, bd_addr->address, BT_ADDRESS_BYTES_NUM);
 
        if (bd_addr == NULL) {
                BT_ERR("Address is NULL");
-               if (event_data)
-                       g_free(event_data);
                return;
        }
 
+       event_data = g_new0(bt_address_t, 1);
+       if (event_data == NULL) {
+               BT_ERR("failed to allocate event_data");
+               return;
+       }
+       memcpy(event_data->addr, bd_addr->address, BT_ADDRESS_BYTES_NUM);
+
        BT_INFO("HFP Client Profile state = [%d],  BT Address = [%s]", state, bdt_bd2str((bt_address_t*)bd_addr, &bdstr));
        switch (state) {
        case BTHF_CLIENT_CONNECTION_STATE_DISCONNECTED: {
@@ -202,8 +205,7 @@ void cb_hf_client_connection_state(bthf_client_connection_state_t state, unsigne
        }
        default: {
                BT_INFO("Invalid state");
-               if (event_data)
-                       g_free(event_data);
+               g_free(event_data);
                return;
        }
        }

diff --git a/bt-oal/oal-hfp.c b/bt-oal/oal-hfp.c
index 7e1dee8..2e786dc 100644 (file)
--- a/bt-oal/oal-hfp.c
+++ b/bt-oal/oal-hfp.c
@@ -212,16 +212,19 @@ static void cb_hfp_connection_state(bthf_connection_state_t state, bt_bdaddr_t *
        int event_type;
        bdstr_t bdstr;
        bt_address_t * event_data = NULL;
-       event_data = g_new0(bt_address_t, 1);
-       memcpy(event_data->addr, bd_addr->address, BT_ADDRESS_BYTES_NUM);
 
        if (bd_addr == NULL) {
                BT_ERR("Address is NULL");
-               if (event_data)
-                       g_free(event_data);
                return;
        }
 
+       event_data = g_new0(bt_address_t, 1);
+       if (event_data == NULL) {
+               BT_ERR("failed to allocate event_data");
+               return;
+       }
+       memcpy(event_data->addr, bd_addr->address, BT_ADDRESS_BYTES_NUM);
+
        BT_INFO("HFP Profile state = [%d],  BT Address = [%s]", state, bdt_bd2str((bt_address_t*)bd_addr, &bdstr));
        switch (state) {
        case BTHF_CONNECTION_STATE_DISCONNECTED: {
@@ -242,8 +245,7 @@ static void cb_hfp_connection_state(bthf_connection_state_t state, bt_bdaddr_t *
        }
        default: {
                BT_INFO("Invalid state");
-               if (event_data)
-                       g_free(event_data);
+               g_free(event_data);
                return;
        }
        }
@@ -255,15 +257,19 @@ static void cb_hfp_audio_connection_state(bthf_audio_state_t state, bt_bdaddr_t
        int event_type;
        bdstr_t bdstr;
        bt_address_t * event_data = NULL;
-       event_data = g_new0(bt_address_t, 1);
-       memcpy(event_data->addr, bd_addr->address, BT_ADDRESS_BYTES_NUM);
 
        if (bd_addr == NULL) {
                BT_ERR("Address is NULL");
-               if (event_data)
-                       g_free(event_data);
                return;
        }
+
+       event_data = g_new0(bt_address_t, 1);
+       if (event_data == NULL) {
+               BT_ERR("failed to allocate event_data");
+               return;
+       }
+       memcpy(event_data->addr, bd_addr->address, BT_ADDRESS_BYTES_NUM);
+
        BT_INFO("HFP Audio state = [%d],  BT Address = [%s]", state, bdt_bd2str((bt_address_t*)bd_addr, &bdstr));
 
        switch (state) {
@@ -289,8 +295,7 @@ static void cb_hfp_audio_connection_state(bthf_audio_state_t state, bt_bdaddr_t
        }
        default: {
                BT_INFO("Invalid state");
-               if (event_data)
-                       g_free(event_data);
+               g_free(event_data);
                return;
        }
        }

diff --git a/bt-service-adaptation/services/device/bt-service-core-device.c b/bt-service-adaptation/services/device/bt-service-core-device.c
index a95b3b7..c20d330 100644 (file)
--- a/bt-service-adaptation/services/device/bt-service-core-device.c
+++ b/bt-service-adaptation/services/device/bt-service-core-device.c
@@ -908,9 +908,9 @@ static void __bt_device_handle_bond_failed_event(event_dev_bond_failed_t* bond_f
 
                BT_INFO("add device in pairing black list");
                _bt_set_autopair_status_in_bonding_info(FALSE);
-               __bt_ignore_auto_pairing_request(trigger_bond_info->addr);
 
                if (trigger_bond_info) {
+                       __bt_ignore_auto_pairing_request(trigger_bond_info->addr);
                        BT_ERR("Create Bond procedure could not suceed, check if cancelled by User");
                        if (trigger_bond_info->is_cancelled_by_user) {
                                BT_ERR("Bonding is cancelled by user");

diff --git a/bt-service-adaptation/services/obex/bt-service-obex-server.c b/bt-service-adaptation/services/obex/bt-service-obex-server.c
index 483c71f..2225bb4 100644 (file)
--- a/bt-service-adaptation/services/obex/bt-service-obex-server.c
+++ b/bt-service-adaptation/services/obex/bt-service-obex-server.c
@@ -259,11 +259,12 @@ static char *__bt_get_remote_device_name(const char *bdaddress)
 
        retv_if(bdaddress == NULL, NULL);
 
+       conn = _bt_get_system_gconn();
+       retv_if(conn == NULL, NULL);
+
        device_path = _bt_get_device_object_path((char *)bdaddress);
        retv_if(device_path == NULL, NULL);
 
-       conn = _bt_get_system_gconn();
-       retv_if(conn == NULL, NULL);
        BT_INFO("Device_path %s", device_path);
        device_proxy = g_dbus_proxy_new_sync(conn, G_DBUS_PROXY_FLAGS_NONE,
                                                NULL, BT_BLUEZ_NAME,
@@ -401,11 +402,12 @@ static void __bt_get_remote_device_name_authinfo(const char *bdaddress,
 
        ret_if(bdaddress == NULL);
 
+       conn = _bt_get_system_gconn();
+       ret_if(conn == NULL);
+
        device_path = _bt_get_device_object_path((char *)bdaddress);
        ret_if(device_path == NULL);
 
-       conn = _bt_get_system_gconn();
-       ret_if(conn == NULL);
        BT_INFO("Device_path %s", device_path);
        device_proxy = g_dbus_proxy_new_sync(conn, G_DBUS_PROXY_FLAGS_NONE,
                                                NULL, BT_BLUEZ_NAME,