shithub: jbig2


ref: 26565665591e250cfbda9bc6d8834f8a2922d206
parent: bb27f271e4b508d63ca4f572b733e36977f0cbc4
author: Shailesh Mistry <shailesh.mistry@hotmail.co.uk>
date: Sun May 27 19:35:06 EDT 2012

Bug 693050 : Fixes CERT reported issue labelled BranchAvNearNull

--- a/jbig2_symbol_dict.c
+++ b/jbig2_symbol_dict.c
@@ -529,7 +529,7 @@
 
 		      /* multiple symbols are handled as a text region */
 		      jbig2_decode_text_region(ctx, segment, tparams, (const Jbig2SymbolDict * const *)refagg_dicts,
-			  n_refagg_dicts, image, data, size, GR_stats, as, as ? NULL : ws);
+			  n_refagg_dicts, image, data, size, GR_stats, as, ws);
 
 		      SDNEWSYMS->glyphs[NSYMSDECODED] = image;
 		      refagg_dicts[0]->glyphs[params->SDNUMINSYMS + NSYMSDECODED] = jbig2_image_clone(ctx, SDNEWSYMS->glyphs[NSYMSDECODED]);
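Review bot: The return value of `jbig2_decode_text_region` is discarded on the new side, and the next line stores `image` in `SDNEWSYMS->glyphs[NSYMSDECODED]` whether or not the decode succeeded. This path parses untrusted symbol-dictionary data and the call now always receives `ws`, so a failed decode should stop here instead of passing a half-built glyph to `jbig2_image_clone`. I would capture the result in a local, e.g. `code = jbig2_decode_text_region(...);` followed by `if (code < 0) goto <error label>;`, using whichever cleanup label is correct at this point (none is visible in this hunk). The clone's result is also stored unchecked, which deserves a NULL test if `jbig2_image_clone` can fail on allocation. The enclosing function starts and ends outside the hunk.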
@@ -800,7 +800,10 @@
 
 cleanup2:
   jbig2_sd_release(ctx, SDNEWSYMS);
-  jbig2_free(ctx->allocator, SDNEWSYMWIDTHS);
+  if (params->SDHUFF && params->SDREFAGG)
+  {
+      jbig2_free(ctx->allocator, SDNEWSYMWIDTHS);
+  }
   jbig2_release_huffman_table(ctx, SDHUFFRDX);
   jbig2_release_huffman_table(ctx, SBHUFFRSIZE);
   jbig2_huffman_free(ctx, hs);
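Review bot: The new guard `if (params->SDHUFF && params->SDREFAGG)` at `cleanup2` only stays correct if it repeats exactly the condition under which `SDNEWSYMWIDTHS` was allocated, and that allocation is outside the hunk. If the buffer is in fact allocated under a different predicate (for example only when `SDREFAGG` is clear), this guard leaks it in that case and frees a never-assigned pointer in the other, so please check it against the allocation site. A more robust form is to initialise the pointer at its declaration, `SDNEWSYMWIDTHS = NULL`, and keep the unconditional `jbig2_free(ctx->allocator, SDNEWSYMWIDTHS);`, assuming `jbig2_free` tolerates NULL as `free` does. Then cleanup no longer needs to re-derive decoder state that an attacker-supplied stream controls. The function body continues outside the hunk on both sides.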