P2P: Fix memory leak on GO startup failure path

Some of the struct hostapd_data variables get initialized with allocated
memory in the P2P GO case even before hapd->started has been set to 1.
As such, hostapd_free_hapd_data() needs to free these even if
!hapd->stated.

Signed-off-by: Jouni Malinen <j@w1.fi>

diff --git a/src/ap/hostapd.c b/src/ap/hostapd.c
index bd32480..2103747 100644 (file)
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
@@ -256,6 +256,16 @@ static int hostapd_broadcast_wep_set(struct hostapd_data *hapd)
 
 static void hostapd_free_hapd_data(struct hostapd_data *hapd)
 {
+       os_free(hapd->probereq_cb);
+       hapd->probereq_cb = NULL;
+
+#ifdef CONFIG_P2P
+       wpabuf_free(hapd->p2p_beacon_ie);
+       hapd->p2p_beacon_ie = NULL;
+       wpabuf_free(hapd->p2p_probe_resp_ie);
+       hapd->p2p_probe_resp_ie = NULL;
+#endif /* CONFIG_P2P */
+
        if (!hapd->started) {
                wpa_printf(MSG_ERROR, "%s: Interface %s wasn't started",
                           __func__, hapd->conf->iface);
@@ -298,16 +308,6 @@ static void hostapd_free_hapd_data(struct hostapd_data *hapd)
                }
        }
 
-       os_free(hapd->probereq_cb);
-       hapd->probereq_cb = NULL;
-
-#ifdef CONFIG_P2P
-       wpabuf_free(hapd->p2p_beacon_ie);
-       hapd->p2p_beacon_ie = NULL;
-       wpabuf_free(hapd->p2p_probe_resp_ie);
-       hapd->p2p_probe_resp_ie = NULL;
-#endif /* CONFIG_P2P */
-
        wpabuf_free(hapd->time_adv);
 
 #ifdef CONFIG_INTERWORKING