[Lcms-user] Memory leak patches

Tue, 29 Oct 2013 18:13:51 -0700 

Hi Marti,

attached are two patches against version 2.5 that fix memory leaks in the
case of errors. It would be great if you could consider them for the next
release.

Thanks a lot,
Leo

--- /usr/local/google/home/sealion/tmp/lcms2-2.5/src/cmstypes.c	2013-06-27 09:01:28.000000000 -0700
+++ cmstypes.c	2013-10-29 16:29:04.000000000 -0700
@@ -1795,9 +1795,16 @@
         if (T  == NULL) goto Error;
 
         Temp = (cmsUInt8Number*) _cmsMalloc(self ->ContextID, nTabSize);
-        if (Temp == NULL) goto Error;
+        if (Temp == NULL) {
+          _cmsFree(self ->ContextID, T);
+          goto Error;
+        }
 
-        if (io ->Read(io, Temp, nTabSize, 1) != 1) goto Error;
+        if (io ->Read(io, Temp, nTabSize, 1) != 1) {
+          _cmsFree(self ->ContextID, T);
+          _cmsFree(self ->ContextID, Temp);
+          goto Error;
+        }
 
         for (i = 0; i < nTabSize; i++) {
 
@@ -1806,8 +1813,10 @@
         _cmsFree(self ->ContextID, Temp);
         Temp = NULL;
 
-        if (!cmsPipelineInsertStage(NewLUT, cmsAT_END, cmsStageAllocCLut16bit(self ->ContextID, CLUTpoints, InputChannels, OutputChannels, T)))
+        if (!cmsPipelineInsertStage(NewLUT, cmsAT_END, cmsStageAllocCLut16bit(self ->ContextID, CLUTpoints, InputChannels, OutputChannels, T))) {
+            _cmsFree(self ->ContextID, T);
             goto Error;
+        }
         _cmsFree(self ->ContextID, T);
     }
 
@@ -2354,9 +2363,13 @@
     else
         if (Precision == 2) {
 
-            if (!_cmsReadUInt16Array(io, Data->nEntries, Data ->Tab.T)) return NULL;
+            if (!_cmsReadUInt16Array(io, Data->nEntries, Data ->Tab.T)) {
+              cmsStageFree(CLUT);
+              return NULL;
+            }
     }
     else {
+        cmsStageFree(CLUT);
         cmsSignalError(self ->ContextID, cmsERROR_UNKNOWN_EXTENSION, "Unknown precision of '%d'", Precision);
         return NULL;
     }

--- /usr/local/google/home/sealion/tmp/lcms2-2.5/src/cmsxform.c	2013-06-27 09:01:28.000000000 -0700
+++ cmsxform.c	2013-10-29 16:14:51.000000000 -0700
@@ -698,6 +698,7 @@
     // Check channel count
     if ((cmsChannelsOf(EntryColorSpace) != cmsPipelineInputChannels(Lut)) ||
         (cmsChannelsOf(ExitColorSpace)  != cmsPipelineOutputChannels(Lut))) {
+        cmsPipelineFree(Lut);
         cmsSignalError(ContextID, cmsERROR_NOT_SUITABLE, "Channel count doesn't match. Profile is corrupted");
         return NULL;
     }

------------------------------------------------------------------------------
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
_______________________________________________
Lcms-user mailing list
Lcms-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lcms-user

Reply via email to