[PATCH] erofs-utils: lib: fix potential NULL pointer dereference in docker config

lasyaprathipati at gmail.com lasyaprathipati at gmail.com
Wed Mar 18 01:38:16 AEDT 2026


From: Sri Lasya <lasyaprathipati at gmail.com>

Signed-off-by: Sri Lasya <lasyaprathipati at gmail.com>
---
 lib/remotes/docker_config.c | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/lib/remotes/docker_config.c b/lib/remotes/docker_config.c
index 6401c1b..74ef5e6 100644
--- a/lib/remotes/docker_config.c
+++ b/lib/remotes/docker_config.c
@@ -60,6 +60,8 @@ static char *docker_config_path(void)
 
 static char *read_file_to_string(const char *path)
 {
+	if (!path)
+		return NULL;
 	FILE *fp;
 	struct stat st;
 	char *buf;
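Review bot: The new `if (!path) return NULL;` guard sits above the local declarations (`FILE *fp; struct stat st; char *buf;`), so the function now opens with a statement followed by declarations. Moving the guard below `char *buf;` keeps the declarations-first layout this function otherwise has. The early return is also indistinguishable from a read failure for the caller, so a one-line comment such as `/* no config path available: report "nothing read" */` would help, if that is the intended meaning. The rest of read_file_to_string lies outside the hunk.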
@@ -182,10 +184,12 @@ int erofs_docker_config_lookup(const char *registry,
 		return -EINVAL;
 	}
 
-	if (!json_object_object_get_ex(root, "auths", &auths_obj)) {
-		erofs_dbg("no \"auths\" in docker config.json");
+	if (!json_object_object_get_ex(root, "auths", &auths_obj) ||
+		!json_object_is_type(auths_obj, json_type_object)) {
+
+		erofs_err("invalid or missing 'auths' in docker config");
 		json_object_put(root);
-		return -ENOENT;
+		return -EFSCORRUPTED;
 	}
 
 	struct json_object_iterator it = json_object_iter_begin(auths_obj);
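Review bot: Folding the missing-key case and the wrong-type case into one branch turns an absent `auths` key into a logged error with `-EFSCORRUPTED`, where the old code returned `-ENOENT` quietly. A config.json with no `auths` key (for example one that only names a credential helper) is not malformed, and callers that treated `-ENOENT` as "no stored credentials" would now see a hard failure; those callers are not visible here, so this should be checked. `-EFSCORRUPTED` also denotes on-disk filesystem corruption, which a user's JSON config is not. Keeping the two cases apart, as sketched below, preserves the old contract and still prevents the iterator from being started on a non-object value. The function continues outside the hunk.

```c
	if (!json_object_object_get_ex(root, "auths", &auths_obj)) {
		erofs_dbg("no \"auths\" in docker config.json");
		json_object_put(root);
		return -ENOENT;
	}
	if (!json_object_is_type(auths_obj, json_type_object)) {
		erofs_err("\"auths\" in docker config.json is not an object");
		json_object_put(root);
		return -EINVAL;
	}
	/* … unchanged: iteration over auths_obj … */
```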
@@ -202,10 +206,8 @@ int erofs_docker_config_lookup(const char *registry,
 		}
 
 		entry = json_object_iter_peek_value(&it);
-                if (!entry) {
-			json_object_iter_next(&it);
+                if (!entry)
 			continue;
-		}
 		if (json_object_object_get_ex(entry, "auth", &auth_field)) {
 			b64 = json_object_get_string(auth_field);
 			if (b64 && *b64) {
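Review bot: Dropping `json_object_iter_next(&it)` before `continue` is only safe if the loop advances the iterator in its header, and the loop statement is outside this hunk, so that cannot be confirmed from here. If the advance happens at the bottom of the body instead, a `null` entry value under `auths` would make this `continue` spin on the same element forever. The commit message is empty, so it should state which form the loop has and why the explicit advance was wrong. The rewritten `if (!entry)` line is also indented with spaces while the neighbouring lines use tabs.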
-- 
2.43.0


