Fix for SDP data structure leak during pairing
During pairing, bluedroid initiates a SDP request to search services.
Upon SDP completion, some data structure buffers were not returned to
the pool resulting in leak.
Bug : 8797456
Change-Id: Ic512fd22ca6b8b748c5b92c02e24016fe785c0b1
diff --git a/btif/src/btif_dm.c b/btif/src/btif_dm.c
index 5a7cccd..3854ebd 100644
--- a/btif/src/btif_dm.c
+++ b/btif/src/btif_dm.c
@@ -586,12 +586,20 @@
{
case BTA_DM_DISC_RES_EVT:
{
- if ((p_src_data->disc_res.result == BTA_SUCCESS) &&
- (p_src_data->disc_res.num_uuids > 0))
+ if (p_src_data->disc_res.result == BTA_SUCCESS)
{
- p_dest_data->disc_res.p_uuid_list = (UINT8*)(p_dest + sizeof(tBTA_DM_SEARCH));
- memcpy(p_dest_data->disc_res.p_uuid_list, p_src_data->disc_res.p_uuid_list,
- p_src_data->disc_res.num_uuids*MAX_UUID_SIZE);
+ if (p_src_data->disc_res.num_uuids > 0)
+ {
+ p_dest_data->disc_res.p_uuid_list =
+ (UINT8*)(p_dest + sizeof(tBTA_DM_SEARCH));
+ memcpy(p_dest_data->disc_res.p_uuid_list, p_src_data->disc_res.p_uuid_list,
+ p_src_data->disc_res.num_uuids*MAX_UUID_SIZE);
+ GKI_freebuf(p_src_data->disc_res.p_uuid_list);
+ }
+ if (p_src_data->disc_res.p_raw_data != NULL)
+ {
+ GKI_freebuf(p_src_data->disc_res.p_raw_data);
+ }
}
} break;
}