From b1d78819518c5b5647f6e0f97327364921614b2b Mon Sep 17 00:00:00 2001
From: Robin Watts <robin.watts@artifex.com>
Date: Tue, 17 Oct 2017 19:38:49 +0100
Subject: Ensure that fz_new_image_from_buffer doesn't leak a colorspace.

---
 source/fitz/image.c | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)

(limited to 'source/fitz/image.c')

diff --git a/source/fitz/image.c b/source/fitz/image.c
index 03038b2c..43addf96 100644
--- a/source/fitz/image.c
+++ b/source/fitz/image.c
@@ -979,12 +979,19 @@ fz_new_image_from_buffer(fz_context *ctx, fz_buffer *buffer)
 		fz_throw(ctx, FZ_ERROR_GENERIC, "unknown image file format");
 	}
 
-	bc = fz_malloc_struct(ctx, fz_compressed_buffer);
-	bc->buffer = fz_keep_buffer(ctx, buffer);
-	bc->params.type = type;
-	if (type == FZ_IMAGE_JPEG)
-		bc->params.u.jpeg.color_transform = -1;
-	image = fz_new_image_from_compressed_buffer(ctx, w, h, 8, cspace, xres, yres, 0, 0, NULL, NULL, bc, NULL);
+	fz_try(ctx)
+	{
+		bc = fz_malloc_struct(ctx, fz_compressed_buffer);
+		bc->buffer = fz_keep_buffer(ctx, buffer);
+		bc->params.type = type;
+		if (type == FZ_IMAGE_JPEG)
+			bc->params.u.jpeg.color_transform = -1;
+		image = fz_new_image_from_compressed_buffer(ctx, w, h, 8, cspace, xres, yres, 0, 0, NULL, NULL, bc, NULL);
+	}
+	fz_always(ctx)
+		fz_drop_colorspace(ctx, cspace);
+	fz_catch(ctx)
+		fz_rethrow(ctx);
 
 	return image;
 }
-- 
cgit v1.2.3