Fix a memleak in ParsePixels error code path

In this particular error path we have already allocated cidx[0..256] with 256 instances of fresh and juicy memory. Freeing that is annoying, but luckily there's a helpful FREE_CIDX macro that does exactly that. Fixes f80fa6a: Fix CVE-2022-44617: Runaway loop with width of 0 and enormous height Found by covscan Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
author: Peter Hutterer <peter.hutterer@who-t.net> 2023-01-23 19:57:28 +1000
committer: Alan Coopersmith <alan.coopersmith@oracle.com> 2023-01-23 23:46:34 +0000
commit: 77e3b389eb92b8d8f94f5b83c1d3d7cd4db5b037 (patch)
tree: 78dd7f7aa97c1d009755f7302593a23872ee4e49 /src
parent: 71d7149cb356b96cc83e2ec95d06df4022039e2c (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/src/parse.c b/src/parse.c
index 64f51ba..2bb3f0e 100644
--- a/src/parse.c
+++ b/src/parse.c
@@ -524,6 +524,7 @@ do \
 	    for (y = 0; y < height; y++) {
 		ErrorStatus = xpmNextString(data);
 		if (ErrorStatus != XpmSuccess) {
+		    FREE_CIDX;
 		    XpmFree(iptr2);
 		    return (ErrorStatus);
 		}
author	Peter Hutterer <peter.hutterer@who-t.net>	2023-01-23 19:57:28 +1000
committer	Alan Coopersmith <alan.coopersmith@oracle.com>	2023-01-23 23:46:34 +0000
commit	77e3b389eb92b8d8f94f5b83c1d3d7cd4db5b037 (patch)
tree	78dd7f7aa97c1d009755f7302593a23872ee4e49 /src
parent	71d7149cb356b96cc83e2ec95d06df4022039e2c (diff)