connect_service() calls __connman_service_connect() which may in turn call
reply_pending() which unrefs service->pending and sets it to NULL. Therefore,
connect_service() needs to check service->pending for NULL prior to calling
dbus_message_unref() on it.
---
src/service.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/service.c b/src/service.c
index cbca669..b0a4eeb 100644
--- a/src/service.c
+++ b/src/service.c
@@ -4022,8 +4022,10 @@ static DBusMessage *connect_service(DBusConnection *conn,
if (err == -EINPROGRESS)
return NULL;
- dbus_message_unref(service->pending);
- service->pending = NULL;
+ if (service->pending) {
+ dbus_message_unref(service->pending);
+ service->pending = NULL;
+ }
if (err < 0)
return __connman_error_failed(msg, -err);
--
1.8.3.2
_______________________________________________
connman mailing list
[email protected]
https://lists.connman.net/mailman/listinfo/connman
