[gnome-software] snap: Handle invalid auth data

[Richard Hughes <rhughes src gnome org>]

commit 349d997195c45e5122d5a43d191fd4c2116ab3f1
Author: Robert Ancell <robert ancell canonical com>
Date:   Fri Mar 20 16:07:23 2020 +1300

    snap: Handle invalid auth data
    
    This would previously generate warnings if the auth data was empty or invalid.

 plugins/snap/gs-plugin-snap.c | 11 +++++++++++
 1 file changed, 11 insertions(+)
---
diff --git a/plugins/snap/gs-plugin-snap.c b/plugins/snap/gs-plugin-snap.c
index 3abc82e1..321afe76 100644
--- a/plugins/snap/gs-plugin-snap.c
+++ b/plugins/snap/gs-plugin-snap.c
@@ -63,7 +63,18 @@ get_auth_data (GsPlugin *plugin)
        }
 
        root = json_parser_get_root (parser);
+       if (root == NULL)
+               return NULL;
+
+       if (json_node_get_node_type (root) != JSON_NODE_OBJECT) {
+               g_warning ("Ignoring invalid snap auth data in %s", path);
+               return NULL;
+       }
        object = json_node_get_object (root);
+       if (!json_object_has_member (object, "macaroon")) {
+               g_warning ("Ignoring invalid snap auth data in %s", path);
+               return NULL;
+       }
        macaroon = json_object_get_string_member (object, "macaroon");
        discharges = g_ptr_array_new ();
        if (json_object_has_member (object, "discharges")) {