From: Philip Jägenstedt <philipj@opera.com>
Date: Wed, 15 Jun 2011 11:51:31 +0000 (+0200)
Subject: typefind: NULL check in degas_type_find
X-Git-Tag: 1.19.3~511^2~6555^2~790
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=f3e65f1c9374df13e4fa082bc750ce94e38c58de;p=platform%2Fupstream%2Fgstreamer.git

typefind: NULL check in degas_type_find

The length check isn't sufficient, an source might
report the correct length, but then still fail to
read the requested number of bytes for some reason.

https://bugzilla.gnome.org/show_bug.cgi?id=652642
---

diff --git a/gst/typefind/gsttypefindfunctions.c b/gst/typefind/gsttypefindfunctions.c
index 55152e8..ed393d8 100644
--- a/gst/typefind/gsttypefindfunctions.c
+++ b/gst/typefind/gsttypefindfunctions.c
@@ -4078,6 +4078,8 @@ degas_type_find (GstTypeFind * tf, gpointer private)
   if (len < 34)                 /* smallest header of the lot */
     return;
   data = gst_type_find_peek (tf, 0, 4);
+  if (G_UNLIKELY (data == NULL))
+    return;
   resolution = GST_READ_UINT16_BE (data);
   if (len == 32034) {
     /* could be DEGAS */
@@ -4088,6 +4090,8 @@ degas_type_find (GstTypeFind * tf, gpointer private)
     /* could be DEGAS Elite */
     if (resolution <= 2) {
       data = gst_type_find_peek (tf, len - 16, 8);
+      if (G_UNLIKELY (data == NULL))
+	return;
       for (n = 0; n < 4; n++) {
         if (GST_READ_UINT16_BE (data + n * 2) > 2)
           return;
@@ -4100,6 +4104,8 @@ degas_type_find (GstTypeFind * tf, gpointer private)
        it does have 4 16 bytes values near the end that are 0-2 though. */
     if ((resolution & 0x8000) && (resolution & 0x7fff) <= 2) {
       data = gst_type_find_peek (tf, len - 16, 8);
+      if (G_UNLIKELY (data == NULL))
+	return;
       for (n = 0; n < 4; n++) {
         if (GST_READ_UINT16_BE (data + n * 2) > 2)
           return;