typefind: NULL check in degas_type_find

The length check isn't sufficient, an source might
report the correct length, but then still fail to
read the requested number of bytes for some reason.

https://bugzilla.gnome.org/show_bug.cgi?id=652642

diff --git a/gst/typefind/gsttypefindfunctions.c b/gst/typefind/gsttypefindfunctions.c
index 55152e8..ed393d8 100644 (file)
--- a/gst/typefind/gsttypefindfunctions.c
+++ b/gst/typefind/gsttypefindfunctions.c
@@ -4078,6 +4078,8 @@ degas_type_find (GstTypeFind * tf, gpointer private)
   if (len < 34)                 /* smallest header of the lot */
     return;
   data = gst_type_find_peek (tf, 0, 4);
+  if (G_UNLIKELY (data == NULL))
+    return;
   resolution = GST_READ_UINT16_BE (data);
   if (len == 32034) {
     /* could be DEGAS */
@@ -4088,6 +4090,8 @@ degas_type_find (GstTypeFind * tf, gpointer private)
     /* could be DEGAS Elite */
     if (resolution <= 2) {
       data = gst_type_find_peek (tf, len - 16, 8);
+      if (G_UNLIKELY (data == NULL))
+       return;
       for (n = 0; n < 4; n++) {
         if (GST_READ_UINT16_BE (data + n * 2) > 2)
           return;
@@ -4100,6 +4104,8 @@ degas_type_find (GstTypeFind * tf, gpointer private)
        it does have 4 16 bytes values near the end that are 0-2 though. */
     if ((resolution & 0x8000) && (resolution & 0x7fff) <= 2) {
       data = gst_type_find_peek (tf, len - 16, 8);
+      if (G_UNLIKELY (data == NULL))
+       return;
       for (n = 0; n < 4; n++) {
         if (GST_READ_UINT16_BE (data + n * 2) > 2)
           return;