From f3dc8d446d2645c58693ed8ee1671241048f812a Mon Sep 17 00:00:00 2001
From: "tomita.y" <tomita.y@jp.fujitsu.com>
Date: Mon, 25 Feb 2019 15:55:02 +0900
Subject: [PATCH] Fixed a problem of double free.

---
 openair2/LAYER2/PDCP_v10.1.0/pdcp.c      | 6 +++++-
 openair2/LAYER2/PDCP_v10.1.0/pdcp_fifo.c | 2 +-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/openair2/LAYER2/PDCP_v10.1.0/pdcp.c b/openair2/LAYER2/PDCP_v10.1.0/pdcp.c
index 7f05e05bb0..ce486dcfa4 100644
--- a/openair2/LAYER2/PDCP_v10.1.0/pdcp.c
+++ b/openair2/LAYER2/PDCP_v10.1.0/pdcp.c
@@ -769,7 +769,11 @@ pdcp_data_ind(
          */
           if (nfapi_mode == 3) {
 #ifdef UESIM_EXPANSION
-            ((pdcp_data_ind_header_t*) new_sdu_p->data)->inst  = 0;
+            if (UE_NAS_USE_TUN) {
+              ((pdcp_data_ind_header_t*) new_sdu_p->data)->inst  = ctxt_pP->module_id;
+            } else {
+              ((pdcp_data_ind_header_t*) new_sdu_p->data)->inst  = 0;
+            }
 #else
             ((pdcp_data_ind_header_t*) new_sdu_p->data)->inst  = ctxt_pP->module_id;
 #endif
diff --git a/openair2/LAYER2/PDCP_v10.1.0/pdcp_fifo.c b/openair2/LAYER2/PDCP_v10.1.0/pdcp_fifo.c
index 9532cf3324..4b20cf16a4 100644
--- a/openair2/LAYER2/PDCP_v10.1.0/pdcp_fifo.c
+++ b/openair2/LAYER2/PDCP_v10.1.0/pdcp_fifo.c
@@ -109,7 +109,7 @@ int pdcp_fifo_flush_sdus(const protocol_ctxt_t *const  ctxt_pP) {
   int              pdcp_nb_sdu_sent = 0;
   int              ret=0;
 
-  while ((sdu_p = list_get_head (&pdcp_sdu_list)) != NULL) {
+  while ((sdu_p = list_get_head (&pdcp_sdu_list)) != NULL && ((pdcp_data_ind_header_t *)(sdu_p->data))->inst == ctxt_pP->module_id) {
     ((pdcp_data_ind_header_t *)(sdu_p->data))->inst = 0;
     int rb_id = ((pdcp_data_ind_header_t *)(sdu_p->data))->rb_id;
     int sizeToWrite= sizeof (pdcp_data_ind_header_t) +
-- 
GitLab