From 9d20a4f3a69fdea855f8678c1ad50b5db7472d81 Mon Sep 17 00:00:00 2001
From: Robin Watts
Date: Wed, 20 Feb 2013 18:23:49 +0000
Subject: Bug 693639: Avoid heap overflow and leaks in error cases.
Avoid heap overflow in the error case in fz_end_tile. Avoid leaking all previously loaded annotations from pdf_load_annots if pdf_is_dict throws an exception. Various whitespace fixes. Many thanks to zeniko.
---
 pdf/pdf_annot.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
(limited to 'pdf')
diff --git a/pdf/pdf_annot.c b/pdf/pdf_annot.c
index 9513bf1a..5b152592 100644
--- pdf/pdf_annot.c
+++ b/pdf/pdf_annot.c
@@ -361,7 +361,7 @@ pdf_load_annots(pdf_document *xref, pdf_obj *annots, pdf_page *page)
 {
 pdf_annot *annot, *head, *tail;
 pdf_obj *obj, *ap, *as, *n, *rect;
- int i, len;
+ int i, len, is_dict;
 fz_context *ctx = xref->ctx;
 fz_var(annot);
@@ -380,13 +380,15 @@ pdf_load_annots(pdf_document *xref, pdf_obj *annots, pdf_page *page)
 rect = pdf_dict_gets(obj, "Rect");
 ap = pdf_dict_gets(obj, "AP");
 as = pdf_dict_gets(obj, "AS");
+ is_dict = pdf_is_dict(ap);
 }
 fz_catch(ctx)
 {
 ap = NULL;
+ is_dict = 0;
 }
- if (!pdf_is_dict(ap))
+ if (!is_dict)
 continue;
 annot = NULL;
--
cgit v1.2.3
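Review bot: The fz_catch block in the second hunk now sets `is_dict = 0` and falls through to `continue`, so an annotation whose lookup throws is dropped with no trace, and a malformed PDF that trips this path looks the same as one that simply has no appearance dictionary. Consider emitting a warning there, e.g. `fz_warn(ctx, "ignoring broken annotation");`, so parse failures stay visible to whoever triages the file. A short comment above the moved call would also record why it lives inside fz_try, e.g. `/* pdf_is_dict can throw; call it inside fz_try so annotations loaded so far are not leaked */`. The loop and the rest of pdf_load_annots lie outside the hunk, so whether later calls in the loop body can still throw while the partially built list is unowned cannot be judged from here.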