`ucv_array_set` releases the array's reference to the object being cleared.
If this is the last reference to the object, it will be freed, making our
pointer `val` invalid.
To avoid this, we need to obtain our own reference to the object so we
can safely return `val`.
Signed-off-by: Matthew Cather <mattbob4@gmail.com>
(cherry picked from commit
6a10da2934441a59283394a84917edf4983e3043)
void hostapd_ucode_free_iface(struct hostapd_iface *iface)
{
- wpa_ucode_registry_remove(iface_registry, iface->ucode.idx);
+ ucv_put(wpa_ucode_registry_remove(iface_registry, iface->ucode.idx));
}
void hostapd_ucode_bss_cb(struct hostapd_data *hapd, const char *type)
uc_value_push(ucv_string_new(hapd->conf->iface));
uc_value_push(ucv_get(val));
ucv_put(wpa_ucode_call(2));
+
+ ucv_put(val);
ucv_gc(vm);
}
if (!val)
return NULL;
+ ucv_get(val);
ucv_array_set(reg, idx - 1, NULL);
dataptr = ucv_resource_dataptr(val, NULL);
if (dataptr)
uc_value_push(ucv_string_new(wpa_s->ifname));
uc_value_push(ucv_get(val));
ucv_put(wpa_ucode_call(2));
+ ucv_put(val);
ucv_gc(vm);
}
projects / thirdparty / openwrt.git / commitdiff
