P2P: Fix NULL pointer dereference with SD query cancellation
A NULL pointer crash was caused by commit 7139cf4a4f ('P2P: Decrement
sd_pending_bcast_queries when sd returns'). p2p->sd_query can be cleared
to NULL whenever a query is cancelled, even in case the request had
already been transmitted. As such, need to be prepared for the query not
remaining when processing TX status callback for the frame.
Crashes on 2ee98 in following code
2ee90: f7fc f8b6 bl 2b000 <p2p_dbg>
2ee94: e02c b.n 2eef0 <p2p_send_action_cb+0x348>
2ee96: 6c25 ldr r5, [r4, #64] ; 0x40
2ee98: 68ee ldr r6, [r5, #12]
2ee9a: b166 cbz r6, 2eeb6 <p2p_send_action_cb+0x30e>
Signed-off-by: Ola Olsson <ola.olsson@sonymobile.com>
parent
630b3230c8
commit
bff162ac76
1 changed files with 1 additions and 1 deletions
|
@ -2847,7 +2847,7 @@ static void p2p_sd_cb(struct p2p_data *p2p, int success)
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (p2p->sd_query->for_all_peers) {
|
if (p2p->sd_query && p2p->sd_query->for_all_peers) {
|
||||||
/* Update the pending broadcast SD query count for this device
|
/* Update the pending broadcast SD query count for this device
|
||||||
*/
|
*/
|
||||||
p2p->sd_peer->sd_pending_bcast_queries--;
|
p2p->sd_peer->sd_pending_bcast_queries--;
|
||||||
|
|
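Review bot: On the changed condition `if (p2p->sd_query && p2p->sd_query->for_all_peers)`, a query that was cancelled after transmission now skips the `sd_pending_bcast_queries--` decrement without any indication in the code that this is intended. The existing comment above the decrement would be the natural place to say that p2p->sd_query may already be NULL when the TX status callback runs, and whether leaving the counter untouched in that case is correct for a cancelled broadcast query. The body also dereferences `p2p->sd_peer` unconditionally; the visible context only shows `return; }` ahead of it, so it is worth confirming that the preceding early return covers a NULL sd_peer, since cancellation is the same path that cleared sd_query.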