Fix crash issue due to garbage valuesubmit/tizen_5.5_wearable_hotfix/20201026.184303submit/tizen_5.5/20200312.042342accepted/tizen/5.5/unified/wearable/hotfix/20201027.115619accepted/tizen/5.5/unified/20200313.004350tizen_5.5_wearable_hotfixtizen_5.5accepted/tizen_5.5_unified_wearable_hotfixaccepted/tizen_5.5_unified

  - If the result of g_convert() is empty string, the written_len is 0.
    Then (unsigned int)'written_len - 1' became garbage value and
    checking carriage return make crash.

(gdb)bt full
mmfile_string_convert ...mm_file_util_string.c:189
        i = 1395696
        result = 0xae45a410 ""
        err = 0x0
        written_len = 0

Change-Id: I61b4c3e4a6b938ce549844e163dc46f47398aa98

2 files changed, 4 insertions, 3 deletions

diff --git a/packaging/libmm-fileinfo.spec b/packaging/libmm-fileinfo.spec
index 1eef915..6561d3b 100644
--- a/packaging/libmm-fileinfo.spec
+++ b/packaging/libmm-fileinfo.spec
@@ -1,6 +1,6 @@
 Name:	    libmm-fileinfo
 Summary:    Media Fileinfo
-Version:    0.6.86
+Version:    0.6.87
 Release:    1
 Group:      System/Libraries
 License:    Apache-2.0
diff --git a/utils/mm_file_util_string.c b/utils/mm_file_util_string.c
index be784ab..96f549c 100755
--- a/utils/mm_file_util_string.c
+++ b/utils/mm_file_util_string.c
@@ -173,18 +173,19 @@ char *mmfile_string_convert(const char *str, unsigned int len,
 	result = g_convert(str, len, to_codeset, from_codeset, bytes_read, &written_len, &err);
 
 	/*if converting failed, return null string.*/
-	if (!result) {
+	if (!result || written_len == 0) {
 		debug_warning(RELEASE, "text encoding failed.[%s][%d]\n", str, len);
 
 		if (err != NULL) {
 			debug_warning(DEBUG, "Error msg [%s]", err->message);
 			g_error_free(err);
 		}
+		mmfile_free(result);
 
 		written_len = 0;
 	} else {
 		/* check carriage return */
-		unsigned int i = 0;
+		gsize i = 0;
 		for (i = 0; i < written_len - 1; i++) {
 			if (result[i] == '\r') {
 				if (result[i + 1] != '\n')