git.osdn.net Git - android-x86/external-bluetooth-bluez.git/commit

obexd: Fix freeing apparam data on PBAP module

Invalid read of size 8
   at 0x40EC04: g_obex_apparam_free (gobex-apparam.c:362)
   by 0x41A66A: obc_transfer_free (transfer.c:272)
   by 0x413221: pending_request_free (session.c:163)
   by 0x413659: session_terminate_transfer (session.c:745)
   by 0x41A53E: xfer_complete (transfer.c:518)
   by 0x41B5D7: get_xfer_progress_first (transfer.c:562)
   by 0x409750: handle_response (gobex.c:948)
   by 0x40A609: incoming_data (gobex.c:1191)
   by 0x371D047824: g_main_context_dispatch (in /usr/lib64/libglib-2.0.so.0.3200.4)
   by 0x371D047B57: ??? (in /usr/lib64/libglib-2.0.so.0.3200.4)
   by 0x371D047F51: g_main_loop_run (in /usr/lib64/libglib-2.0.so.0.3200.4)
   by 0x40542F: main (main.c:175)
Address 0x4f64510 is 0 bytes inside a block of size 8 free'd
   at 0x4A079AE: free (vg_replace_malloc.c:427)
   by 0x371D04D50E: g_free (in /usr/lib64/libglib-2.0.so.0.3200.4)
   by 0x416060: phonebook_size_callback (pbap.c:266)
   by 0x413651: session_terminate_transfer (session.c:743)
   by 0x41A53E: xfer_complete (transfer.c:518)
   by 0x41B5D7: get_xfer_progress_first (transfer.c:562)
   by 0x409750: handle_response (gobex.c:948)
   by 0x40A609: incoming_data (gobex.c:1191)
   by 0x371D047824: g_main_context_dispatch (in /usr/lib64/libglib-2.0.so.0.3200.4)
   by 0x371D047B57: ??? (in /usr/lib64/libglib-2.0.so.0.3200.4)
   by 0x371D047F51: g_main_loop_run (in /usr/lib64/libglib-2.0.so.0.3200.4)
   by 0x40542F: main (main.c:175)

author	Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
	Tue, 9 Oct 2012 10:05:48 +0000 (12:05 +0200)
committer	Marcel Holtmann <marcel@holtmann.org>
	Tue, 4 Dec 2012 21:49:06 +0000 (22:49 +0100)
commit	33b0aeda71931ca41ba641bd6051336ee0424a95
tree	6d736bdbc8ba57ccf6cbe50e385b76cb3d0ce4c6	tree \| snapshot
parent	f1e88405c05f12689a1fe19e58fa1ddfc0612d83	commit \| diff