projects / platform / upstream / iotivity.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 5f158d5)
[CONPRO-1454]:[VD][DF190528-00531] Crash 16/211016/2
authorsourav bhuwalka <s.bhuwalka@samsung.com>
Wed, 3 Jul 2019 08:59:18 +0000 (14:29 +0530)
committerDoHyun Pyun <dh79.pyun@samsung.com>
Thu, 1 Aug 2019 23:09:22 +0000 (08:09 +0900)
resHandle is being freed twice once in DeleteClientCB and once
in OICFree(resHandle) in OCDoRequest in exit condition.
So freeing resHandle only if clientCB is NULL

https://github.sec.samsung.net/RS7-IOTIVITY/IoTivity/pull/532/commits/b63e8200da46aa3e5505288bcf284568798a6069
(cherry-picked from b63e8200da46aa3e5505288bcf284568798a6069)

Change-Id: I486cfb9038524292be6d311302719e36fce5aaa4
Signed-off-by: sourav bhuwalka <s.bhuwalka@samsung.com>
Signed-off-by: Sudipto Bal <sudipto.bal@samsung.com>
resource/csdk/stack/src/ocstack.c patch | blob | history

diff --git a/resource/csdk/stack/src/ocstack.c b/resource/csdk/stack/src/ocstack.c
index 240920f..caed6d9 100644 (file)
--- a/resource/csdk/stack/src/ocstack.c
+++ b/resource/csdk/stack/src/ocstack.c
@@ -3181,13 +3181,19 @@ exit:
         {
             cbData->cd(cbData->context);
         }
-        FindAndDeleteClientCB(clientCB);
-        CADestroyToken(token);
+        if (!clientCB)                 // token and resHandle associated with clientCB
+        {
+            CADestroyToken(token);
+            OICFree(resHandle);
+        }
+        else
+        {
+            FindAndDeleteClientCB(clientCB);
+        }
         if (handle)
         {
             *handle = NULL;
         }
-        OICFree(resHandle);
     }
 
     OICFree(requestInfo.info.payload);
Domain: Network & Connectivity / IoT Connectivity;