From 2756f24f0e3fe1e6ff8c894306fe30649ddd0b07 Mon Sep 17 00:00:00 2001 From: Andrew Zaborowski Date: Wed, 8 Feb 2017 01:38:42 +0100 Subject: [PATCH] scan: More cleanup in scan_cancel Add sr NULL check before accessing sr->id. Call scan_request_free on request structure and call the destroy callback. Cancel the netlink TRIGGER_SCAN command if still running and try starting the next scan in the queue. It'll probably still fail with EBUSY but it'll be reattempted later. --- src/scan.c | 24 ++++++++++++++++++++++-- 1 file changed, 22 insertions(+), 2 deletions(-) diff --git a/src/scan.c b/src/scan.c index ece061a5..90d9f84f 100644 --- a/src/scan.c +++ b/src/scan.c @@ -388,9 +388,23 @@ bool scan_cancel(uint32_t ifindex, uint32_t id) return false; sr = l_queue_peek_head(sc->requests); + if (!sr) + return false; - /* If the scan has already been triggered, just zero out the callback */ - if (sr->id == id && sr->triggered) { + /* If we already sent the trigger command, cancel the scan */ + if (sr->id == id && !sr->start_cmd) { + if (!sr->triggered && sc->start_cmd_id) { + l_genl_family_cancel(nl80211, sc->start_cmd_id); + sc->start_cmd_id = 0; + + l_queue_pop_head(sc->requests); + + start_next_scan_request(sc); + + goto free; + } + + /* If already triggered, just zero out the callback */ sr->callback = NULL; if (sr->destroy) { @@ -406,6 +420,12 @@ bool scan_cancel(uint32_t ifindex, uint32_t id) if (!sr) return false; +free: + if (sr->destroy) + sr->destroy(sr->userdata); + + scan_request_free(sr); + return true; }