From 984887ee8fb431e5c5d243c40dcb73d5149b033f Mon Sep 17 00:00:00 2001 From: Sebastian Rasmussen Date: Tue, 31 Jul 2018 03:31:06 +0800 Subject: Bug 699694: Fix reference counting for JBIG2 globals. fz_open_jbig2d() is called at two locations in MuPDF. At one location a reference to the JBIG2 globals struct was taken before passing it to fz_open_jbig2d(). At the other location no such reference was taken, but rather ownership of the struct was implicitly transferred to fz_open_jbig2d(). This inconsistency led to a leak of the globals struct at the first location. Now, passing a JBIG2 globals struct to fz_open_jbig2d() never implictly takes ownership. Instead the JBIG2 stream will take a reference if it needs it and drops it in case of error. As usual it is the callers responsibility to drop the reference to the globals struct it owns. --- source/fitz/compressed-buffer.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source/fitz/compressed-buffer.c') diff --git a/source/fitz/compressed-buffer.c b/source/fitz/compressed-buffer.c index 35b0868b..9a4f5c23 100644 --- a/source/fitz/compressed-buffer.c +++ b/source/fitz/compressed-buffer.c @@ -69,7 +69,7 @@ fz_open_image_decomp_stream(fz_context *ctx, fz_stream *tail, fz_compression_par break; case FZ_IMAGE_JBIG2: - head = fz_open_jbig2d(ctx, tail, fz_keep_jbig2_globals(ctx, params->u.jbig2.globals)); + head = fz_open_jbig2d(ctx, tail, params->u.jbig2.globals); break; case FZ_IMAGE_RLD: -- cgit v1.2.3