From 28e893e56d87f6d8266174ce9c4bc98b03c0e953 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Moritz=20=22WanzenBug=22=20Wanzenb=C3=B6ck?=
 <moritz@wanzenbug.xyz>
Date: Wed, 19 Feb 2025 15:56:07 +0100
Subject: [PATCH] secretservice: fix null derefence on locked collections
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

secret_item_get_secret() may return null if an item is locked or not loaded.
While we set SECRET_SEARCH_LOAD_SECRETS and SECRET_SEARCH_UNLOCK, there may
still be locked items, for example the user may refuse the unlock request.

So we still need to check if the secret data is NULL before we can try to
reference it.

Signed-off-by: Moritz "WanzenBug" Wanzenböck <moritz@wanzenbug.xyz>
---
 secretservice/secretservice.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/secretservice/secretservice.c b/secretservice/secretservice.c
index b77a0d2..938bf9a 100644
--- a/secretservice/secretservice.c
+++ b/secretservice/secretservice.c
@@ -83,6 +83,9 @@ GError *get(char *server, char **username, char **secret) {
 				}
 				g_free(value);
 				secretValue = secret_item_get_secret(l->data);
+				if (secretValue == NULL) {
+					continue;
+				}
 				if (secret != NULL) {
 					*secret = strdup(secret_value_get(secretValue, &length));
 					secret_value_unref(secretValue);