Brad Bishop | f8caae3 | 2019-03-25 13:13:56 -0400 | [diff] [blame^] | 1 | Use-after-free detected with static analysis. |
| 2 | |
| 3 | CVE: CVE-2019-7317 |
| 4 | Upstream-Status: Submitted [https://github.com/glennrp/libpng/issues/275] |
| 5 | Signed-off-by: Ross Burton <ross.burton@intel.com> |
| 6 | |
| 7 | diff --git a/png.c b/png.c |
| 8 | index 9d9926f638..efd1aecfbd 100644 |
| 9 | --- a/png.c |
| 10 | +++ b/png.c |
| 11 | @@ -4588,8 +4588,7 @@ png_image_free(png_imagep image) |
| 12 | if (image != NULL && image->opaque != NULL && |
| 13 | image->opaque->error_buf == NULL) |
| 14 | { |
| 15 | - /* Ignore errors here: */ |
| 16 | - (void)png_safe_execute(image, png_image_free_function, image); |
| 17 | + png_image_free_function(image); |
| 18 | image->opaque = NULL; |
| 19 | } |
| 20 | } |