Fix issue in merged code for Tizen 3.0submit/tizen_wearable/20150612.045746submit/tizen_tv/20150612.045742submit/tizen_mobile/20150612.045738

Check discovery type only if discovery complete
is successful. In case status is not success,
dereferencing rp can lead to crash.

Change-Id: I186dd9a8f02fad7e782afee1146ae391cd82b57b
Signed-off-by: Anupam Roy <anupam.r@samsung.com>

1 files changed, 6 insertions, 5 deletions

diff --git a/src/adapter.c b/src/adapter.c
index 8eab02e1..056a5ce1 100644
--- a/src/adapter.c
+++ b/src/adapter.c
@@ -1695,9 +1695,6 @@ static void start_discovery_complete(uint8_t status, uint16_t length,
 	const struct mgmt_cp_start_discovery *rp = param;
 
 	DBG("status 0x%02x", status);
-#ifndef __TIZEN_PATCH__
-	DBG("Discovery Type 0x%02x", rp->type);
-#endif
 
 	if (length < sizeof(*rp)) {
 		error("Wrong size of start discovery return parameters");
@@ -1705,6 +1702,10 @@ static void start_discovery_complete(uint8_t status, uint16_t length,
 	}
 
 	if (status == MGMT_STATUS_SUCCESS) {
+#ifndef __TIZEN_PATCH__
+		DBG("Discovery Type 0x%02x", rp->type);
+#endif
+
 #ifdef __TIZEN_PATCH__
 		DBG("Return param discovery type 0x%02x", rp->type);
 		adapter->discovery_type |= rp->type;
@@ -1748,13 +1749,13 @@ static void start_le_discovery_complete(uint8_t status, uint16_t length,
 	const struct mgmt_cp_start_discovery *rp = param;
 
 	DBG("status 0x%02x", status);
-	DBG("Discovery Type 0x%02x", rp->type);
 	if (length < sizeof(*rp)) {
-		error("Wrong size of start discovery return parameters");
+		error("Wrong size of start LE discovery return parameters");
 		return;
 	}
 
 	if (status == MGMT_STATUS_SUCCESS) {
+		DBG("Discovery Type 0x%02x", rp->type);
 		adapter->discovery_type |= rp->type;
 		adapter->discovery_enable = 0x01;