From 483b1d77c917e45f115f46d41d72de4d4e672a03 Mon Sep 17 00:00:00 2001
From: Hyuk Lee <hyuk0512.lee@samsung.com>
Date: Fri, 14 Oct 2016 13:38:45 +0900
Subject: [PATCH] NULL check add in response of the MGMT command

Change-Id: I402f8797f4323f1e5a80472034a5d035c9498b2a
Signed-off-by: Hyuk Lee <hyuk0512.lee@samsung.com>
---
 src/adapter.c | 37 +++++++++++++++++++++++++++++++++++++
 1 file changed, 37 insertions(+)

diff --git a/src/adapter.c b/src/adapter.c
index a1e0d75..defaa1c 100644
--- a/src/adapter.c
+++ b/src/adapter.c
@@ -1630,6 +1630,11 @@ static void passive_scanning_complete(uint8_t status, uint16_t length,
 	struct btd_adapter *adapter = user_data;
 	const struct mgmt_cp_start_discovery *rp = param;
 
+	if (!rp) {
+		error("Error ocurred in Scanning, rp is NULL");
+		return;
+	}
+
 	DBG("status 0x%02x", status);
 
 	if (length < sizeof(*rp)) {
@@ -1913,6 +1918,11 @@ static void start_le_discovery_complete(uint8_t status, uint16_t length,
 	struct btd_adapter *adapter = user_data;
 	const struct mgmt_cp_start_discovery *rp = param;
 
+	if (!rp) {
+		error("Error ocurred in LEDiscovering, rp is NULL");
+		return;
+	}
+
 	DBG("status 0x%02x", status);
 	DBG("Discovery Type 0x%02x", rp->type);
 	if (length < sizeof(*rp)) {
@@ -4006,6 +4016,11 @@ static void get_adv_tx_power_complete(uint8_t status, uint16_t length,
 	struct btd_adapter *adapter = user_data;
 	const struct mgmt_rp_get_adv_tx_power *rp = param;
 
+	if (!rp) {
+		error("Error ocurred in Getting adv tx power, rp is NULL");
+		return;
+	}
+
 	if (status != MGMT_STATUS_SUCCESS) {
 		error("Failed to get adv tx power: %s (0x%02x)",
 						mgmt_errstr(status), status);
@@ -4134,6 +4149,12 @@ static void le_read_maximum_data_length_return_param_complete(
 	uint16_t max_tx_octects, max_tx_time;
 	uint16_t max_rx_octects, max_rx_time;
 
+	if (!rp) {
+		error("Error ocurred in Reading maximum data length, rp is NULL");
+		g_free(adapter->read_handler);
+		return;
+	}
+
 	if (status != MGMT_STATUS_SUCCESS) {
 		error("le read maximum data length failed: %s (0x%02x)",
 			mgmt_errstr(status), status);
@@ -4141,6 +4162,8 @@ static void le_read_maximum_data_length_return_param_complete(
 		max_tx_time =0;
 		max_rx_octects = 0;
 		max_rx_time = 0;
+
+		g_free(adapter->read_handler);
 		return;
 	}
 
@@ -4323,11 +4346,25 @@ static void le_read_suggested_default_data_length_return_param_complete(
 	const struct mgmt_rp_le_read_host_suggested_data_length *rp = param;
 	uint16_t def_tx_octects, def_tx_time;
 
+	if (!rp) {
+		error("Error ocurred in Reading suggested data length, rp is NULL");
+		if (adapter->def_read_handler)
+			g_free(adapter->def_read_handler->user_data);
+
+		g_free(adapter->def_read_handler);
+		return;
+	}
+
 	if (status != MGMT_STATUS_SUCCESS) {
 		error("Read host suggested def le data length values failed: %s (0x%02x)",
 			mgmt_errstr(status), status);
 		def_tx_octects = 0;
 		def_tx_time =0;
+
+		if (adapter->def_read_handler)
+			g_free(adapter->def_read_handler->user_data);
+
+		g_free(adapter->def_read_handler);
 		return;
 	}
 
-- 
2.7.4