[totem-pl-parser] plparse: Fix possible crash in iTunes Podcast parsing

From: Bastien Nocera <hadess src gnome org>
To: commits-list gnome org
Cc:
Subject: [totem-pl-parser] plparse: Fix possible crash in iTunes Podcast parsing
Date: Sun, 6 Oct 2013 12:38:45 +0000 (UTC)

commit e3ba8a90fed04ec41a2c52e80d5422787ff6fdf1
Author: Bastien Nocera <hadess hadess net>
Date:   Sun Oct 6 14:37:03 2013 +0200

    plparse: Fix possible crash in iTunes Podcast parsing
    
    Check the return value of totem_pl_parser_load_http_itunes()
    to avoid possible crash.
    
    https://bugzilla.gnome.org/show_bug.cgi?id=709296

 plparse/totem-pl-parser-podcast.c |   25 ++++++++++++-------------
 1 files changed, 12 insertions(+), 13 deletions(-)
---
diff --git a/plparse/totem-pl-parser-podcast.c b/plparse/totem-pl-parser-podcast.c
index 3be806f..7c5afa1 100644
--- a/plparse/totem-pl-parser-podcast.c
+++ b/plparse/totem-pl-parser-podcast.c
@@ -693,7 +693,7 @@ totem_pl_parser_get_feed_uri (char *data, gsize len, gboolean debug)
 {
        xml_node_t* doc;
        const char *uri;
-       GFile *ret;
+       GFile *ret = NULL;
        GByteArray *content;
 
        uri = NULL;
@@ -716,11 +716,8 @@ totem_pl_parser_get_feed_uri (char *data, gsize len, gboolean debug)
                return NULL;
 
        /* If the document has no name */
-       if (doc->name == NULL
-           || g_ascii_strcasecmp (doc->name, "plist") != 0) {
-               xml_parser_free_tree (doc);
-               return NULL;
-       }
+       if (doc->name == NULL || g_ascii_strcasecmp (doc->name, "plist") != 0)
+               goto out;
 
        /* Redirect plist? Find a goto action */
        uri = totem_pl_parser_parse_plist (doc);
@@ -728,15 +725,17 @@ totem_pl_parser_get_feed_uri (char *data, gsize len, gboolean debug)
        if (debug)
                g_print ("Found redirect URL: %s\n", uri);
 
-       if (uri == NULL) {
-               return NULL;
-       } else {
+       if (uri == NULL)
+               goto out;
 
-               content = totem_pl_parser_load_http_itunes (uri, debug);
-               ret = totem_pl_parser_get_feed_uri ((char *) content->data, content->len, debug);
-               g_byte_array_free (content, TRUE);
-       }
+       content = totem_pl_parser_load_http_itunes (uri, debug);
+       if (!content)
+               goto out;
+       ret = totem_pl_parser_get_feed_uri ((char *) content->data, content->len, debug);
+       g_byte_array_free (content, TRUE);
 
+out:
+       xml_parser_free_tree (doc);
        return ret;
 }

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]