From 39ee9dfac1c6d286a4075c7e2435fe1cfe365bad Mon Sep 17 00:00:00 2001 From: kcwu Date: Thu, 22 Sep 2016 18:26:22 -0700 Subject: Fix memory leaks in lcms found by libfuzzer Review-Url: https://codereview.chromium.org/2359243003 --- .../0005-memory-leak-AllocEmptyTransform.patch | 34 ++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 third_party/lcms2-2.6/0005-memory-leak-AllocEmptyTransform.patch (limited to 'third_party/lcms2-2.6/0005-memory-leak-AllocEmptyTransform.patch') diff --git a/third_party/lcms2-2.6/0005-memory-leak-AllocEmptyTransform.patch b/third_party/lcms2-2.6/0005-memory-leak-AllocEmptyTransform.patch new file mode 100644 index 0000000000..a85a9682bd --- /dev/null +++ b/third_party/lcms2-2.6/0005-memory-leak-AllocEmptyTransform.patch @@ -0,0 +1,34 @@ +diff --git a/third_party/lcms2-2.6/src/cmsxform.c b/third_party/lcms2-2.6/src/cmsxform.c +index eddb9bd..6466d27 100644 +--- a/third_party/lcms2-2.6/src/cmsxform.c ++++ b/third_party/lcms2-2.6/src/cmsxform.c +@@ -593,7 +593,10 @@ _cmsTRANSFORM* AllocEmptyTransform(cmsContext ContextID, cmsPipeline* lut, + + // Allocate needed memory + _cmsTRANSFORM* p = (_cmsTRANSFORM*) _cmsMallocZero(ContextID, sizeof(_cmsTRANSFORM)); +- if (!p) return NULL; ++ if (!p) { ++ cmsPipelineFree(lut); ++ return NULL; ++ } + + // Store the proposed pipeline + p ->Lut = lut; +@@ -643,7 +646,7 @@ _cmsTRANSFORM* AllocEmptyTransform(cmsContext ContextID, cmsPipeline* lut, + if (p ->FromInputFloat == NULL || p ->ToOutputFloat == NULL) { + + cmsSignalError(ContextID, cmsERROR_UNKNOWN_EXTENSION, "Unsupported raster format"); +- _cmsFree(ContextID, p); ++ cmsDeleteTransform(p); + return NULL; + } + +@@ -673,7 +676,7 @@ _cmsTRANSFORM* AllocEmptyTransform(cmsContext ContextID, cmsPipeline* lut, + if (p ->FromInput == NULL || p ->ToOutput == NULL) { + + cmsSignalError(ContextID, cmsERROR_UNKNOWN_EXTENSION, "Unsupported raster format"); +- _cmsFree(ContextID, p); ++ cmsDeleteTransform(p); + return NULL; + } + -- cgit v1.2.3