afc_file_open: fixed memory leak when the object is not found or arguments are invalid.

1 files changed, 6 insertions, 3 deletions

diff --git a/src/afc.c b/src/afc.c
index b5203f1..b305859 100644
--- a/src/afc.c
+++ b/src/afc.c
@@ -616,6 +616,9 @@ idevice_error_t
 afc_file_open(afc_client_t client, const char *filename,
                                          afc_file_mode_t file_mode, uint64_t *handle)
 {
+        if (!client || !client->parent || !client->afc_packet)
+                return AFC_E_INVALID_ARG;
+
         uint64_t file_mode_loc = htole64(file_mode);
         uint32_t bytes = 0;
         char *data = (char *) malloc(sizeof(char) * (8 + strlen(filename) + 1));
@@ -624,9 +627,6 @@ afc_file_open(afc_client_t client, const char *filename,
         /* set handle to 0 so in case an error occurs, the handle is invalid */
         *handle = 0;
 
-        if (!client || !client->parent || !client->afc_packet)
-                return AFC_E_INVALID_ARG;
-
         afc_lock(client);
 
         /* Send command */
@@ -642,6 +642,7 @@ afc_file_open(afc_client_t client, const char *filename,
                 return AFC_E_NOT_ENOUGH_DATA;
         }
         /* Receive the data */
+        data = NULL;
         ret = afc_receive_data(client, &data, &bytes);
         if ((ret == AFC_E_SUCCESS) && (bytes > 0) && data) {
                 afc_unlock(client);
@@ -651,6 +652,8 @@ afc_file_open(afc_client_t client, const char *filename,
                 free(data);
                 return ret;
         }
+        /* in case memory was allocated but no data received or an error occurred */
+        free(data);
 
         debug_info("Didn't get any further data");