From e02b675d265d9be3abccbd3b730bb7dffbf811e3 Mon Sep 17 00:00:00 2001
From: Aaron Burghardt
Date: Mon, 18 Aug 2014 16:56:15 -0400
Subject: afc_file_open: fixed memory leak when the object is not found or
 arguments are invalid.

---
 src/afc.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

(limited to 'src')

diff --git a/src/afc.c b/src/afc.c
index b5203f1..b305859 100644
--- a/src/afc.c
+++ b/src/afc.c
@@ -616,6 +616,9 @@ idevice_error_t
 afc_file_open(afc_client_t client, const char *filename,
 					 afc_file_mode_t file_mode, uint64_t *handle)
 {
+	if (!client || !client->parent || !client->afc_packet)
+		return AFC_E_INVALID_ARG;
+
 	uint64_t file_mode_loc = htole64(file_mode);
 	uint32_t bytes = 0;
 	char *data = (char *) malloc(sizeof(char) * (8 + strlen(filename) + 1));
@@ -624,9 +627,6 @@ afc_file_open(afc_client_t client, const char *filename,
 	/* set handle to 0 so in case an error occurs, the handle is invalid */
 	*handle = 0;
 
-	if (!client || !client->parent || !client->afc_packet)
-		return AFC_E_INVALID_ARG;
-
 	afc_lock(client);
 
 	/* Send command */
@@ -642,6 +642,7 @@ afc_file_open(afc_client_t client, const char *filename,
 		return AFC_E_NOT_ENOUGH_DATA;
 	}
 	/* Receive the data */
+	data = NULL;
 	ret = afc_receive_data(client, &data, &bytes);
 	if ((ret == AFC_E_SUCCESS) && (bytes > 0) && data) {
 		afc_unlock(client);
@@ -651,6 +652,8 @@ afc_file_open(afc_client_t client, const char *filename,
 		free(data);
 		return ret;
 	}
+	/* in case memory was allocated but no data received or an error occurred */
+	free(data);
 
 	debug_info("Didn't get any further data");
 
-- 
cgit v1.1-32-gdbae