gfile: don't report completion twice on g_file_load_contents error

When an error occurs while reading the file input stream in
g_file_load_contents (e.g. because the operation was cancelled), the
code is correctly calling g_task_return_error(), but in the callback
from the close operation, g_task_return_boolean() will be called again.

Code that cleans up its state in the async callback will then be called
twice, leading to invalid memory access.

https://bugzilla.gnome.org/show_bug.cgi?id=692202

diff --git a/gio/gfile.c b/gio/gfile.c
index 3a0e947..e2f0d43 100644 (file)
--- a/gio/gfile.c
+++ b/gio/gfile.c
@@ -6514,11 +6514,12 @@ load_contents_read_callback (GObject      *obj,
 
   if (read_size < 0)
     {
-      /* EOF, close the file */
       g_task_return_error (data->task, error);
-      g_input_stream_close_async (stream, 0,
-                                  g_task_get_cancellable (data->task),
-                                  load_contents_close_callback, data);
+      g_object_unref (data->task);
+
+      /* Close the file ignoring any error */
+      g_input_stream_close_async (stream, 0, NULL, NULL, NULL);
+      g_object_unref (stream);
     }
   else if (read_size == 0)
     {