splash/Splash.cc | 1 + 1 file changed, 1 insertion(+) New commits: commit c9650369c5dd74812db515d986ded898b9002ae4 Author: Albert Astals Cid <aa...@kde.org> Date: Thu May 24 18:20:12 2018 +0200
Splash::scaleMaskYuXu: Free internal bitmap data on error this way we don't try to use it later, which will be an uninitialized memory read fixes oss-fuzz/8511
diff --git a/splash/Splash.cc b/splash/Splash.cc
index 7a772144..a95cc805 100644
--- a/splash/Splash.cc
+++ b/splash/Splash.cc
@@ -3573,6 +3573,7 @@ void Splash::scaleMaskYuXu(SplashImageMaskSource src, void *srcData,
 if (unlikely(srcWidth <= 0 || srcHeight <= 0)) {
 error(errSyntaxError, -1, "srcWidth <= 0 || srcHeight <= 0 in Splash::scaleMaskYuXu");
+ gfree(dest->takeData());
 return;
 }
_______________________________________________ poppler mailing list poppler@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/poppler
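Review bot: The early return in `scaleMaskYuXu` now signals failure only by leaving `dest` without a data buffer, because the function returns `void`. The fix therefore holds only if every caller checks the bitmap's data pointer for null before reading the mask, and those call sites are outside this hunk and should be confirmed. A comment above the added line would make that contract explicit, for example `// release the uninitialized buffer so callers see null data and bail out`. If the other mask-scaling variants have the same zero-size guard, they presumably need the same release, though that is not visible here. The function body starts and ends outside the hunk.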