From 7ebd34dd7ec14cf31ffdf078ccb2bc0b981660c6 Mon Sep 17 00:00:00 2001
From: sourav bhuwalka <s.bhuwalka@samsung.com>
Date: Wed, 3 Jul 2019 14:29:18 +0530
Subject: [PATCH] [CONPRO-1454]:[VD][DF190528-00531] Crash

resHandle is being freed twice once in DeleteClientCB and once
in OICFree(resHandle) in OCDoRequest in exit condition.
So freeing resHandle only if clientCB is NULL

https://github.sec.samsung.net/RS7-IOTIVITY/IoTivity/pull/532/commits/b63e8200da46aa3e5505288bcf284568798a6069
(cherry-picked from b63e8200da46aa3e5505288bcf284568798a6069)

Change-Id: I486cfb9038524292be6d311302719e36fce5aaa4
Signed-off-by: sourav bhuwalka <s.bhuwalka@samsung.com>
Signed-off-by: Sudipto Bal <sudipto.bal@samsung.com>
---
 resource/csdk/stack/src/ocstack.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/resource/csdk/stack/src/ocstack.c b/resource/csdk/stack/src/ocstack.c
index 240920f..caed6d9 100644
--- a/resource/csdk/stack/src/ocstack.c
+++ b/resource/csdk/stack/src/ocstack.c
@@ -3181,13 +3181,19 @@ exit:
         {
             cbData->cd(cbData->context);
         }
-        FindAndDeleteClientCB(clientCB);
-        CADestroyToken(token);
+        if (!clientCB)                 // token and resHandle associated with clientCB
+        {
+            CADestroyToken(token);
+            OICFree(resHandle);
+        }
+        else
+        {
+            FindAndDeleteClientCB(clientCB);
+        }
         if (handle)
         {
             *handle = NULL;
         }
-        OICFree(resHandle);
     }
 
     OICFree(requestInfo.info.payload);
-- 
2.7.4