[libpng16] Stopped a potential memory leak in png_set_unknown_chunks(). Breaks tests/pngunknown-sAPI so it's temporarily marked SKIP.

commit: 217d38cdeac95e069e34ae2e7359f0b6e75cd365 [log] [tgz]
author: Glenn Randers-Pehrson <glennrp at users.sourceforge.net> Sat Mar 07 10:35:03 2015 -0600
committer: Glenn Randers-Pehrson <glennrp at users.sourceforge.net> Sat Mar 07 10:35:03 2015 -0600
tree: 9dc95b77dc49a798bbb39621a2e0c98a58b7a19b
parent: 377fb539448efc3d5f8bfb115604322d140c8263 [diff] [blame]
diff --git a/pngset.c b/pngset.c
index 5740730..2b91646 100644
--- a/pngset.c
+++ b/pngset.c

@@ -1180,6 +1180,17 @@
       return;
    }
 
+   if ((np->location & (PNG_HAVE_IHDR|PNG_HAVE_PLTE|PNG_AFTER_IDAT)) == 0)
+   {
+      png_free(png_ptr, np);
+      np = NULL;
+      png_chunk_report(png_ptr,
+          "invalid chunk location in png_set_unknown_chunks",
+          PNG_CHUNK_WRITE_ERROR);
+
+      return;
+   }
+
    png_free(png_ptr, info_ptr->unknown_chunks);
    info_ptr->unknown_chunks = np; /* safe because it is initialized */
    info_ptr->free_me |= PNG_FREE_UNKN;
@@ -1254,7 +1265,7 @@
          check_location(png_ptr, location);
    }
 }
-#endif
+#endif /* STORE_UNKNOWN_CHUNKS */
 
 
 #ifdef PNG_MNG_FEATURES_SUPPORTED
commit	217d38cdeac95e069e34ae2e7359f0b6e75cd365	[log] [tgz]
author	Glenn Randers-Pehrson <glennrp at users.sourceforge.net>	Sat Mar 07 10:35:03 2015 -0600
committer	Glenn Randers-Pehrson <glennrp at users.sourceforge.net>	Sat Mar 07 10:35:03 2015 -0600
tree	9dc95b77dc49a798bbb39621a2e0c98a58b7a19b
parent	377fb539448efc3d5f8bfb115604322d140c8263 [diff] [blame]