From dc5db30989f385303c79ec3188c52e33f6f5886e Mon Sep 17 00:00:00 2001
From: Ar Jun <pkillarjun@protonmail.com>
Date: Sat, 16 Nov 2024 11:50:09 -0600
Subject: [PATCH 1/2] Fix possible NULL deref in soup_uri_decode_data_uri

CVE: CVE-2025-32051
Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/0713ba4a719da938dc8facc89fca99cd0aa3069f]

Signed-off-by: Changqing Li <changqing.li@windriver.com>
---
 libsoup/soup-uri-utils.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/libsoup/soup-uri-utils.c b/libsoup/soup-uri-utils.c
index be2b79b..0251279 100644
--- a/libsoup/soup-uri-utils.c
+++ b/libsoup/soup-uri-utils.c
@@ -303,6 +303,8 @@ soup_uri_decode_data_uri (const char *uri,
 
         uri_string = g_uri_to_string (soup_uri);
         g_uri_unref (soup_uri);
+        if (!uri_string)
+                return NULL;
 
         start = uri_string + 5;
         comma = strchr (start, ',');
-- 
2.34.1