qcacmn: Fix use-after-free issue in util_scan_parse_mbssid

In some scenario, mbssid_info->prof_residue could be set to
true, hence mbssid_info->split_prof_continue will also be
set to true. Then for the next loop if buffer split_prof_start
is freed but split_prof_end does not reinitialize to NULL,
then use-after-free happens.

To address this issue, reinitialize split_prof_end properly
when split_prof_start is freed.

Change-Id: Iad7448868cfa4c2dd7922f6c1b2622cf20a6a28c
CRs-Fixed: 3583521

umac/scan/dispatcher/src/wlan_scan_utils_api.c

@@ -3465,6 +3465,7 @@ static QDF_STATUS util_scan_parse_mbssid(struct wlan_objmgr_pdev *pdev,
 				if (mbssid_info.split_prof_continue) {
 					qdf_mem_free(split_prof_start);
 					split_prof_start = NULL;
+					split_prof_end = NULL;
 				}
 				continue;
 			}
@@ -3534,6 +3535,7 @@ static QDF_STATUS util_scan_parse_mbssid(struct wlan_objmgr_pdev *pdev,
 				if (mbssid_info.split_prof_continue) {
 					qdf_mem_free(split_prof_start);
 					split_prof_start = NULL;
+					split_prof_end = NULL;
 					qdf_mem_zero(&mbssid_info,
 						     sizeof(mbssid_info));
 				}
@@ -3547,6 +3549,7 @@ static QDF_STATUS util_scan_parse_mbssid(struct wlan_objmgr_pdev *pdev,
 			if (mbssid_info.split_prof_continue) {
 				qdf_mem_free(split_prof_start);
 				split_prof_start = NULL;
+				split_prof_end = NULL;
 			}
 			qdf_mem_free(new_frame);
 		}