subparse: don't deref a potentially NULL variable

If the html SAMI data is malformed, then retrieving the attribute name
may fail.  We then cannot retrieve the attribute value.

Fixes: https://oss-fuzz.com/testcase-detail/4700130671984640
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/2317>

diff --git a/subprojects/gst-plugins-base/gst/subparse/samiparse.c b/subprojects/gst-plugins-base/gst/subparse/samiparse.c
index 9b6c655..93ea803 100644 (file)
--- a/subprojects/gst-plugins-base/gst/subparse/samiparse.c
+++ b/subprojects/gst-plugins-base/gst/subparse/samiparse.c
@@ -494,6 +494,10 @@ html_context_handle_element (HtmlContext * ctxt,
     gchar *attr_name = NULL, *attr_value = NULL;
     gsize length;
     next = string_token (next + 1, "=", &attr_name);
+    if (!next) {
+      g_free (attr_name);
+      break;
+    }
     next = string_token (next + 1, " ", &attr_value);
 
     /* strip " or ' from attribute value */