From bb7ba45623332ecd01004c41ffb93be577896304 Mon Sep 17 00:00:00 2001 From: Kyle Hill Date: Thu, 6 Sep 2012 17:20:49 -0500 Subject: [PATCH 1/6] Fix incorrect operator grouping in ZeroconfAvahi.cpp --- xbmc/network/linux/ZeroconfAvahi.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/xbmc/network/linux/ZeroconfAvahi.cpp b/xbmc/network/linux/ZeroconfAvahi.cpp index a849b9ebc1132..8214bb4021349 100644 --- a/xbmc/network/linux/ZeroconfAvahi.cpp +++ b/xbmc/network/linux/ZeroconfAvahi.cpp @@ -387,7 +387,7 @@ void CZeroconfAvahi::addService(tServiceMap::mapped_type fp_service_info, AvahiC { if ((ret = avahi_entry_group_add_service_strlst(fp_service_info->mp_group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, AvahiPublishFlags(0), fp_service_info->m_name.c_str(), - fp_service_info->m_type.c_str(), NULL, NULL, fp_service_info->m_port, fp_service_info->mp_txt) < 0)) + fp_service_info->m_type.c_str(), NULL, NULL, fp_service_info->m_port, fp_service_info->mp_txt)) < 0) { if (ret == AVAHI_ERR_COLLISION) { From f574332197dd730cb3b0559548364a9b02c8f4f7 Mon Sep 17 00:00:00 2001 From: Kyle Hill Date: Thu, 6 Sep 2012 17:29:11 -0500 Subject: [PATCH 2/6] Fix unreachable code in GUIDialogMediaSource.cpp Guidance on this issue is greatly appreciated. I beleive this is correct given how other methods in this class or implemented, but another set of eyes is welcome. --- xbmc/dialogs/GUIDialogMediaSource.cpp | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/xbmc/dialogs/GUIDialogMediaSource.cpp b/xbmc/dialogs/GUIDialogMediaSource.cpp index e0e015972c3e4..1e3be6ffcec70 100644 --- a/xbmc/dialogs/GUIDialogMediaSource.cpp +++ b/xbmc/dialogs/GUIDialogMediaSource.cpp 
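Review bot: In CZeroconfAvahi::addService the call result is still assigned inside the `if` condition, which is the form that let the misplaced parenthesis go unnoticed. With the old grouping `ret` received the result of the `< 0` comparison (0 or 1), so the `ret == AVAHI_ERR_COLLISION` branch below presumably never matched. Splitting the statement removes the trap: `ret = avahi_entry_group_add_service_strlst(...);` on its own line, followed by `if (ret < 0)`. The function body starts and ends outside the hunk.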
@@ -165,8 +165,7 @@ bool CGUIDialogMediaSource::ShowAndAddMediaSource(const CStdString &type) bool CGUIDialogMediaSource::ShowAndEditMediaSource(const CStdString &type, const CStdString&share) { - VECSOURCES* pShares=NULL; - + VECSOURCES* pShares = g_settings.GetSourcesFromType(type); if (pShares) { for (unsigned int i=0;isize();++i) @@ -175,7 +174,6 @@ bool CGUIDialogMediaSource::ShowAndEditMediaSource(const CStdString &type, const return ShowAndEditMediaSource(type,(*pShares)[i]); } } - return false; } From d23e851c963869c946f66e77de5721d2fcf5f24c Mon Sep 17 00:00:00 2001 From: Kyle Hill Date: Sun, 16 Sep 2012 12:18:02 -0500 Subject: [PATCH 3/6] Fix use-after-free error in TagLoaderTagLib.cpp --- xbmc/music/tags/TagLoaderTagLib.cpp | 1 + 1 file changed, 1 insertion(+) diff --git a/xbmc/music/tags/TagLoaderTagLib.cpp b/xbmc/music/tags/TagLoaderTagLib.cpp index 48dcd4d90b4ff..56be51b890bcf 100644 --- a/xbmc/music/tags/TagLoaderTagLib.cpp +++ b/xbmc/music/tags/TagLoaderTagLib.cpp @@ -152,6 +152,7 @@ bool CTagLoaderTagLib::Load(const string& strFileName, CMusicInfoTag& tag, Embed if (!file || !file->isValid()) { delete file; + oggFlacFile = NULL; file = oggVorbisFile = new Ogg::Vorbis::File(stream); } } From c20b7e3566832dee495b16d1a64042f04d9ee79f Mon Sep 17 00:00:00 2001 From: Kyle Hill Date: Sun, 16 Sep 2012 12:28:20 -0500 Subject: [PATCH 4/6] Fix possible memory leak in WebServer.cpp --- xbmc/network/WebServer.cpp | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/xbmc/network/WebServer.cpp b/xbmc/network/WebServer.cpp index ab0dd0c17007b..4a0ea86819bf7 100644 --- a/xbmc/network/WebServer.cpp +++ b/xbmc/network/WebServer.cpp @@ -395,7 +395,11 @@ int CWebServer::CreateFileDownloadResponse(struct MHD_Connection *connection, co &CWebServer::ContentReaderCallback, file, &CWebServer::ContentReaderFreeCallback); if (response == NULL) + { + file->Close(); + delete file; return MHD_NO; + } } else { From 20bc4da31df9e028b5d5c31d6f70feef11bca9e7 Mon Sep 17 00:00:00 2001 
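Review bot: In CTagLoaderTagLib::Load the alias is cleared by hand after `delete file;`, and nothing at this spot says why, so the next fallback added to this chain can reintroduce the dangling pointer. A comment on the new line would record the invariant, e.g. `// oggFlacFile presumably aliased the object just deleted through file; clear it before reuse`. Any other `delete file;` fallback in Load that leaves a typed alias set needs the same treatment. The rest of the function is outside the hunk, so that cannot be checked here.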
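Review bot: The new failure branch in CWebServer::CreateFileDownloadResponse repeats by hand the cleanup that the registered `&CWebServer::ContentReaderFreeCallback` presumably performs on the success path, so the two can drift apart. If that callback does nothing beyond closing and deleting the file object, calling it here (`ContentReaderFreeCallback(file);`) keeps the release logic in one place; its body is not visible in this hunk, so confirm first. The branch also returns `MHD_NO` without a log entry, which makes a failed download hard to diagnose from the server side. The function continues outside the hunk.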
From: Kyle Hill Date: Sun, 16 Sep 2012 12:33:33 -0500 Subject: [PATCH 5/6] Fix read from invalidated iterator in CallbackHandler.cpp --- xbmc/interfaces/legacy/CallbackHandler.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/xbmc/interfaces/legacy/CallbackHandler.cpp b/xbmc/interfaces/legacy/CallbackHandler.cpp index 38b438850b54f..0cedb85c7c2e5 100644 --- a/xbmc/interfaces/legacy/CallbackHandler.cpp +++ b/xbmc/interfaces/legacy/CallbackHandler.cpp @@ -145,11 +145,11 @@ namespace XBMCAddon #ifdef ENABLE_TRACE_API CLog::Log(LOGDEBUG,"%sNEWADDON removing callback 0x%lx for PyThreadState 0x%lx from queue", _tg.getSpaces(),(long)(p->cb.get()) ,(long)userData); #endif - g_callQueue.erase(iter); + iter = g_callQueue.erase(iter); } else iter++; - } + } } } From 9dbe48d957ba83286ec331d6fc1773fcd42c57d4 Mon Sep 17 00:00:00 2001 From: Kyle Hill Date: Wed, 3 Oct 2012 22:28:04 -0500 Subject: [PATCH 6/6] Fix possible use after free in BitstreamConverter.cpp --- xbmc/utils/BitstreamConverter.cpp | 3 +++ 1 file changed, 3 insertions(+) diff --git a/xbmc/utils/BitstreamConverter.cpp b/xbmc/utils/BitstreamConverter.cpp index a169a322c5238..0bd407fb05de9 100644 --- a/xbmc/utils/BitstreamConverter.cpp +++ b/xbmc/utils/BitstreamConverter.cpp @@ -535,7 +535,10 @@ void CBitstreamConverter::Close(void) m_sps_pps_context.sps_pps_data = NULL; } if(m_convertBuffer) + { free(m_convertBuffer); + m_convertBuffer = NULL; + } m_convertSize = 0; }
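Review bot: The erase branch in CallbackHandler.cpp now depends on `erase()` returning the next valid iterator while the `else` branch advances by hand, and the loop header that must not advance `iter` a second time is outside the hunk. A short comment on the new line, e.g. `// erase() returns the element after the removed one; do not advance again`, would keep a later edit from reintroducing the invalidated read. `else iter++;` is better written `else ++iter;`, which avoids the iterator copy.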
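Review bot: The added braces keep the `if(m_convertBuffer)` guard in CBitstreamConverter::Close, but `free(NULL)` is defined as a no-op, so the guard only adds a branch. The same effect is `free(m_convertBuffer); m_convertBuffer = NULL;` with no condition, which resets the pointer on every call to Close. The start of Close is outside the hunk, so whether the buffers released earlier are all reset the same way cannot be checked here.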