diff options
author | Glenn Randers-Pehrson <glennrp at users.sourceforge.net> | 2016-12-29 07:34:51 -0600 |
---|---|---|
committer | Glenn Randers-Pehrson <glennrp at users.sourceforge.net> | 2016-12-29 07:39:52 -0600 |
commit | 794a15fad6add4d636369d0b46f603a02995b2e2 (patch) | |
tree | 2b4c1691d2a7cba157962af43fc5edf89162c5d6 | |
parent | 302c322ce9383eb46aaa46b7ef0a09cf045d9e2e (diff) | |
download | libpng-794a15fad6add4d636369d0b46f603a02995b2e2.tar.gz |
[libpng12] Fixed a potential null pointer dereference in png_set_text_2()
(bug report and patch by Patrick Keshishian).
-rw-r--r-- | ANNOUNCE | 2 | ||||
-rw-r--r-- | CHANGES | 4 | ||||
-rw-r--r-- | png.c | 1 |
3 files changed, 6 insertions, 1 deletions
@@ -42,6 +42,8 @@ Changes since the last public release (1.2.56): Fix typos in libpng.3 synopses (Eric S. Raymond). Fixed undefined behavior in png_push_save_buffer(). Do not call memcpy() with a null source, even if count is zero (Leon Scroggins III). + Fixed potential null pointer dereference in png_set_text_2() (bug report + and patch by Patrick Keshishian). Send comments/corrections/commendations to png-mng-implement at lists.sf.net (subscription required; visit @@ -2925,7 +2925,9 @@ version 1.2.57rc01 [December 27, 2016] Fixed undefined behavior in png_push_save_buffer(). Do not call memcpy() with a null source, even if count is zero (Leon Scroggins III). -version 1.0.67 and 1.2.57 [December 29, 2016] +versions 1.0.67 and 1.2.57 [December 29, 2016] + Fixed a potential null pointer dereference in png_set_text_2() (bug report + and patch by Patrick Keshishian). Send comments/corrections/commendations to png-mng-implement at lists.sf.net (subscription required; visit @@ -393,6 +393,7 @@ png_free_data(png_structp png_ptr, png_infop info_ptr, png_uint_32 mask, png_free(png_ptr, info_ptr->text); info_ptr->text = NULL; info_ptr->num_text=0; + info_ptr->max_text=0; } } #endif |