A2DP: Fix regression introduce by 99c6f5221800a48e8ce0b1e070e97d1c26a0f90b Commit 99c6f5221800a48e8ce0b1e070e97d1c26a0f90b checks if there is a pending resume and in case OPEN fails it abort it as well, but it can cause a crash if resume was not requested and the setup is freed by finalize_config: Invalid read of size 4 at 0x4214AD: open_cfm (a2dp.c:730) by 0x424D07: handle_transport_connect (avdtp.c:878) by 0x4288F2: avdtp_connect_cb (avdtp.c:2419) by 0x4458B8: connect_cb (btio.c:230) by 0x4E79D12: g_main_context_dispatch (gmain.c:2539) by 0x4E7A05F: g_main_context_iterate.isra.23 (gmain.c:3146) by 0x4E7A459: g_main_loop_run (gmain.c:3340) by 0x44B0AC: main (main.c:583) Address 0x62c8564 is 68 bytes inside a block of size 88 free'd at 0x4C2A82E: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) by 0x420094: setup_free (a2dp.c:156) by 0x420101: setup_unref (a2dp.c:168) by 0x4201CF: setup_cb_free (a2dp.c:191) by 0x4203DC: finalize_config (a2dp.c:234) by 0x4214A8: open_cfm (a2dp.c:728) by 0x424D07: handle_transport_connect (avdtp.c:878) by 0x4288F2: avdtp_connect_cb (avdtp.c:2419) by 0x4458B8: connect_cb (btio.c:230) by 0x4E79D12: g_main_context_dispatch (gmain.c:2539) by 0x4E7A05F: g_main_context_iterate.isra.23 (gmain.c:3146) by 0x4E7A459: g_main_loop_run (gmain.c:3340)

Diffstat

1 files changed, 2 insertions(+), 6 deletions(-)