Fix a memleak in ParsePixels error code path (!13) · Merge requests · xorg / lib / libXpm

Peter Hutterer requested to merge whot/libxpm:wip/plug-memleak into master Jan 23, 2023

In this particular error path we have already allocated cidx[0..256] with 256 instances of fresh and juicy memory. Freeing that is annoying, but luckily there's a helpful FREE_CIDX macro that does exactly that.

Fixes f80fa6ae: Fix CVE-2022-44617: Runaway loop with width of 0 and enormous height

Found by covscan

cc @alanc

Admin message

Fix a memleak in ParsePixels error code path

Merge request reports