From eae3df7ee4edae506b1063252adfe46eabd3a37e Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Wed, 24 Dec 2014 19:23:13 +0200
Subject: [PATCH] P2P: Fix memory leak on GO startup failure path

Some of the struct hostapd_data variables get initialized with allocated
memory in the P2P GO case even before hapd->started has been set to 1.
As such, hostapd_free_hapd_data() needs to free these even if
!hapd->stated.

Signed-off-by: Jouni Malinen <j@w1.fi>
---
 src/ap/hostapd.c | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/src/ap/hostapd.c b/src/ap/hostapd.c
index bd3248000..2103747e7 100644
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
@@ -256,6 +256,16 @@ static int hostapd_broadcast_wep_set(struct hostapd_data *hapd)
 
 static void hostapd_free_hapd_data(struct hostapd_data *hapd)
 {
+	os_free(hapd->probereq_cb);
+	hapd->probereq_cb = NULL;
+
+#ifdef CONFIG_P2P
+	wpabuf_free(hapd->p2p_beacon_ie);
+	hapd->p2p_beacon_ie = NULL;
+	wpabuf_free(hapd->p2p_probe_resp_ie);
+	hapd->p2p_probe_resp_ie = NULL;
+#endif /* CONFIG_P2P */
+
 	if (!hapd->started) {
 		wpa_printf(MSG_ERROR, "%s: Interface %s wasn't started",
 			   __func__, hapd->conf->iface);
@@ -298,16 +308,6 @@ static void hostapd_free_hapd_data(struct hostapd_data *hapd)
 		}
 	}
 
-	os_free(hapd->probereq_cb);
-	hapd->probereq_cb = NULL;
-
-#ifdef CONFIG_P2P
-	wpabuf_free(hapd->p2p_beacon_ie);
-	hapd->p2p_beacon_ie = NULL;
-	wpabuf_free(hapd->p2p_probe_resp_ie);
-	hapd->p2p_probe_resp_ie = NULL;
-#endif /* CONFIG_P2P */
-
 	wpabuf_free(hapd->time_adv);
 
 #ifdef CONFIG_INTERWORKING