When an error occurs while reading the file input stream in
g_file_load_contents (e.g. because the operation was cancelled), the
code is correctly calling g_task_return_error(), but in the callback
from the close operation, g_task_return_boolean() will be called again.
Code that cleans up its state in the async callback will then be called
twice, leading to invalid memory access.
https://bugzilla.gnome.org/show_bug.cgi?id=692202
if (read_size < 0)
{
- /* EOF, close the file */
g_task_return_error (data->task, error);
- g_input_stream_close_async (stream, 0,
- g_task_get_cancellable (data->task),
- load_contents_close_callback, data);
+ g_object_unref (data->task);
+
+ /* Close the file ignoring any error */
+ g_input_stream_close_async (stream, 0, NULL, NULL, NULL);
+ g_object_unref (stream);
}
else if (read_size == 0)
{