1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
|
https://crbug.com/923647
commit ae0bed1fe530a82faf2e9ea1775109dbf301a971
Merge: 933784a1 0c74a9f4
Author: Even Rouault <even.rouault@spatialys.com>
Date: Sat Feb 2 14:46:05 2019 +0000
Merge branch 'master' into 'master'
Fix for simple memory leak that was assigned CVE-2019-6128.
See merge request libtiff/libtiff!50
diff --git a/tools/pal2rgb.c b/tools/pal2rgb.c
index 01d8502ecf7a8a7f015e49ca9378a1a741cbc06b..9492f1cf1212177bf7e97d307757d0977c898e90 100644
--- a/tools/pal2rgb.c
+++ b/tools/pal2rgb.c
@@ -118,12 +118,14 @@ main(int argc, char* argv[])
shortv != PHOTOMETRIC_PALETTE) {
fprintf(stderr, "%s: Expecting a palette image.\n",
argv[optind]);
+ (void) TIFFClose(in);
return (-1);
}
if (!TIFFGetField(in, TIFFTAG_COLORMAP, &rmap, &gmap, &bmap)) {
fprintf(stderr,
"%s: No colormap (not a valid palette image).\n",
argv[optind]);
+ (void) TIFFClose(in);
return (-1);
}
bitspersample = 0;
@@ -131,11 +133,14 @@ main(int argc, char* argv[])
if (bitspersample != 8) {
fprintf(stderr, "%s: Sorry, can only handle 8-bit images.\n",
argv[optind]);
+ (void) TIFFClose(in);
return (-1);
}
out = TIFFOpen(argv[optind+1], "w");
- if (out == NULL)
+ if (out == NULL) {
+ (void) TIFFClose(in);
return (-2);
+ }
cpTags(in, out);
TIFFGetField(in, TIFFTAG_IMAGEWIDTH, &imagewidth);
TIFFGetField(in, TIFFTAG_IMAGELENGTH, &imagelength);
|
