==1071== Invalid read of size 4
==1071== at 0x48DBB00: g_slist_length (gslist.c:856)
==1071== by 0x12A3C7: add_or_replace_bss_to_network (supplicant.c:1930)
==1071== by 0x12BB4D: signal_bss_changed (supplicant.c:3194)
==1071== by 0x12AFD1: g_supplicant_filter (supplicant.c:4038)
==1071== by 0x4998A17: dbus_connection_dispatch (dbus-connection.c:4808)
==1071== by 0x18E931: message_dispatch (mainloop.c:76)
==1071== by 0x48BB8E7: g_main_dispatch (gmain.c:3234)
==1071== by 0x48BB8E7: g_main_context_dispatch (gmain.c:3887)
==1071== by 0x48BBC77: g_main_context_iterate.isra.30 (gmain.c:3960)
==1071== by 0x48BBFD7: g_main_loop_run (gmain.c:4156)
==1071== by 0x119389: main (main.c:851)
==1071== Address 0x4e800a4 is 4 bytes inside a block of size 8 free'd
==1071== at 0x4846EC8: free (vg_replace_malloc.c:530)
==1071== by 0x48DB10F: g_slice_free_chain_with_offset (gslice.c:1232)
==1071== by 0x12A03F: remove_bss (supplicant.c:841)
==1071== by 0x48A858F: g_hash_table_remove_all_nodes.part.0 (ghash.c:548)
==1071== by 0x48A95B7: g_hash_table_remove_all_nodes (ghash.c:1428)
==1071== by 0x48A95B7: g_hash_table_remove_all (ghash.c:1431)
==1071== by 0x48A964B: g_hash_table_destroy (ghash.c:1124)
==1071== by 0x12A8E5: remove_network (supplicant.c:814)
==1071== by 0x48A8A3F: g_hash_table_remove_internal (ghash.c:1360)
==1071== by 0x12BB47: signal_bss_changed (supplicant.c:3192)
==1071== by 0x12AFD1: g_supplicant_filter (supplicant.c:4038)
==1071== by 0x4998A17: dbus_connection_dispatch (dbus-connection.c:4808)
==1071== by 0x18E931: message_dispatch (mainloop.c:76)
==1071== Block was alloc'd at
==1071== at 0x48458A4: malloc (vg_replace_malloc.c:299)
==1071== by 0x48C11B3: g_malloc (gmem.c:94)
==1071== by 0x48DA4A3: g_slice_alloc (gslice.c:1025)
==1071== by 0x48DB4AF: g_slist_prepend (gslist.c:254)
==1071== by 0x12C7D7: bss_process_ies (supplicant.c:2176)
==1071== by 0x12C7D7: bss_property (supplicant.c:2388)
==1071== by 0x1301FF: supplicant_dbus_property_foreach (dbus.c:145)
==1071== by 0x1302A1: property_get_all_reply (dbus.c:184)
==1071== by 0x498FABB: complete_pending_call_and_unlock (dbus-connection.c:2340)
==1071== by 0x49981BF: dbus_connection_dispatch (dbus-connection.c:4757)
==1071== by 0x18E931: message_dispatch (mainloop.c:76)
==1071== by 0x48BB8E7: g_main_dispatch (gmain.c:3234)
==1071== by 0x48BB8E7: g_main_context_dispatch (gmain.c:3887)
==1071== by 0x48BBC77: g_main_context_iterate.isra.30 (gmain.c:3960)
==1679== Invalid read of size 4
==1679== at 0x484D358: memmove (vg_replace_strmem.c:1258)
==1679== by 0x49D8307: memmove (string3.h:59)
==1679== by 0x49D8307: copy.isra.3 (dbus-string.c:1219)
==1679== by 0x49D209F: marshal_1_octets_array (dbus-marshal-basic.c:868)
==1679== by 0x49D209F: _dbus_marshal_write_fixed_multi (dbus-marshal-basic.c:1041)
==1679== by 0x49A4A3B: _dbus_type_writer_write_fixed_multi (dbus-marshal-recursive.c:2681)
==1679== by 0x13088D: supplicant_dbus_property_append_fixed_array (dbus.c:611)
==1679== by 0x12E775: supplicant_dbus_dict_append_fixed_array (dbus.h:121)
==1679== by 0x12E775: interface_add_network_params (supplicant.c:5518)
==1679== by 0x1306FB: supplicant_dbus_method_call (dbus.c:515)
==1679== by 0x12AF05: decryption_request_reply (supplicant.c:5713)
==1679== by 0x498FABB: complete_pending_call_and_unlock (dbus-connection.c:2340)
==1679== by 0x49981BF: dbus_connection_dispatch (dbus-connection.c:4757)
==1679== by 0x18E931: message_dispatch (mainloop.c:76)
==1679== by 0x48BB8E7: g_main_dispatch (gmain.c:3234)
==1679== by 0x48BB8E7: g_main_context_dispatch (gmain.c:3887)
Change-Id: I53652b06891fa8465e9dd425f425210ebc67ee9f
Signed-off-by: Saurav Babu <saurav.babu@samsung.com>
};
struct _GSupplicantSSID {
};
struct _GSupplicantSSID {
+#if defined TIZEN_EXT
+ void *ssid;
+#else
unsigned int ssid_len;
unsigned int scan_ssid;
GSupplicantMode mode;
unsigned int ssid_len;
unsigned int scan_ssid;
GSupplicantMode mode;
memcpy(new_bss, bss, sizeof(struct g_supplicant_bss));
new_bss->path = g_strdup(bss->path);
memcpy(new_bss, bss, sizeof(struct g_supplicant_bss));
new_bss->path = g_strdup(bss->path);
+#if defined TIZEN_EXT
+ new_bss->vsie_list = NULL;
+#endif
g_hash_table_remove(interface->network_table, network->group);
g_hash_table_remove(interface->network_table, network->group);
if (data->callback)
data->callback(err, data->interface, data->user_data);
if (data->callback)
data->callback(err, data->interface, data->user_data);
+#if defined TIZEN_EXT
+ g_free(data->ssid->ssid);
+#endif
g_free(data->ssid);
dbus_free(data);
}
g_free(data->ssid);
dbus_free(data);
}
+#if defined TIZEN_EXT
+ g_free(data->ssid->ssid);
+#endif
g_free(data->ssid);
g_free(data);
}
g_free(data->ssid);
g_free(data);
}
SUPPLICANT_DBG("AddNetwork failed %d", ret);
callback_assoc_failed(decrypt_request_data.data->user_data);
g_free(data->path);
SUPPLICANT_DBG("AddNetwork failed %d", ret);
callback_assoc_failed(decrypt_request_data.data->user_data);
g_free(data->path);
+#if defined TIZEN_EXT
+ g_free(data->ssid->ssid);
+#endif
g_free(data->ssid);
dbus_free(data);
}
g_free(data->ssid);
dbus_free(data);
}
static void ssid_init(GSupplicantSSID *ssid, struct connman_network *network)
{
const char *security;
static void ssid_init(GSupplicantSSID *ssid, struct connman_network *network)
{
const char *security;
+#if defined TIZEN_EXT
+ const void *ssid_data;
+#endif
memset(ssid, 0, sizeof(*ssid));
ssid->mode = G_SUPPLICANT_MODE_INFRA;
memset(ssid, 0, sizeof(*ssid));
ssid->mode = G_SUPPLICANT_MODE_INFRA;
+#if defined TIZEN_EXT
+ ssid_data = connman_network_get_blob(network, "WiFi.SSID",
+ &ssid->ssid_len);
+ ssid->ssid = g_try_malloc0(ssid->ssid_len);
+ memcpy(ssid->ssid, ssid_data, ssid->ssid_len);
+#else
ssid->ssid = connman_network_get_blob(network, "WiFi.SSID",
&ssid->ssid_len);
ssid->ssid = connman_network_get_blob(network, "WiFi.SSID",
&ssid->ssid_len);
ssid->scan_ssid = 1;
security = connman_network_get_string(network, "WiFi.Security");
ssid->security = network_security(security);
ssid->scan_ssid = 1;
security = connman_network_get_string(network, "WiFi.Security");
ssid->security = network_security(security);
if (wifi->disconnecting) {
wifi->pending_network = network;
if (wifi->disconnecting) {
wifi->pending_network = network;
+#if defined TIZEN_EXT
+ g_free(ssid->ssid);
+#endif
g_free(ssid);
} else {
wifi->network = connman_network_ref(network);
g_free(ssid);
} else {
wifi->network = connman_network_ref(network);
return NULL;
ap->mode = G_SUPPLICANT_MODE_MASTER;
return NULL;
ap->mode = G_SUPPLICANT_MODE_MASTER;
+#if defined TIZEN_EXT
+ ap->ssid = (void *) ssid;
+#else
ap->ssid_len = strlen(ssid);
ap->scan_ssid = 0;
ap->freq = 2412;
ap->ssid_len = strlen(ssid);
ap->scan_ssid = 0;
ap->freq = 2412;