From 9ae994a130a66a375e9ff2d85f6d5d079eeb0adb Mon Sep 17 00:00:00 2001
From: Sebastian Rasmussen <sebras@gmail.com>
Date: Fri, 2 Jun 2017 00:04:30 +0800
Subject: tiff: Avoid dropping wild pointer in case of error.

---
 source/fitz/load-tiff.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/source/fitz/load-tiff.c b/source/fitz/load-tiff.c
index 2a0029d8..52dd1893 100644
--- a/source/fitz/load-tiff.c
+++ b/source/fitz/load-tiff.c
@@ -290,7 +290,7 @@ tiff_expand_colormap(fz_context *ctx, struct tiff *tiff)
 static unsigned
 tiff_decode_data(fz_context *ctx, struct tiff *tiff, unsigned char *rp, unsigned int rlen, unsigned char *wp, unsigned int wlen)
 {
-	fz_stream *stm;
+	fz_stream *stm = NULL;
 	unsigned i, size;
 	unsigned char *reversed = NULL;
 	fz_stream *jpegtables = NULL;
@@ -308,6 +308,8 @@ tiff_decode_data(fz_context *ctx, struct tiff *tiff, unsigned char *rp, unsigned
 		rp = reversed;
 	}
 
+	fz_var(stm);
+
 	fz_try(ctx)
 	{
 		/* each decoder will close this */
-- 
cgit v1.2.3