ref: 8e3dacadd2eef4a5ee535d00b49901402c1e66e6
parent: 4d4275d7db3676184bca4d9da8f843d27f0952f9
author: Sebastian Rasmussen <sebras@gmail.com>
date: Tue Apr 24 22:11:00 EDT 2018
jbig2dec: Initialize huffman table for size of symbols refinement data. Previously this was uninitialized, possibly leading to dereferencing an uninitialized table pointer.
--- a/jbig2_symbol_dict.c
+++ b/jbig2_symbol_dict.c
@@ -504,10 +504,11 @@
tparams->SBHUFFRDH = jbig2_build_huffman_table(ctx, &jbig2_huffman_params_O); /* Table B.15 */
tparams->SBHUFFRDX = jbig2_build_huffman_table(ctx, &jbig2_huffman_params_O); /* Table B.15 */
tparams->SBHUFFRDY = jbig2_build_huffman_table(ctx, &jbig2_huffman_params_O); /* Table B.15 */
+ tparams->SBHUFFRSIZE = jbig2_build_huffman_table(ctx, &jbig2_huffman_params_A); /* Table B.1 */
if ((tparams->SBHUFFFS == NULL) || (tparams->SBHUFFDS == NULL) ||
(tparams->SBHUFFDT == NULL) || (tparams->SBHUFFRDW == NULL) ||
(tparams->SBHUFFRDH == NULL) || (tparams->SBHUFFRDX == NULL) ||
- (tparams->SBHUFFRDY == NULL)) {+ (tparams->SBHUFFRDY == NULL) || (tparams->SBHUFFRSIZE == NULL)) {jbig2_error(ctx, JBIG2_SEVERITY_WARNING, segment->number, "out of memory creating text region huffman decoder entries");
goto cleanup4;
}
@@ -845,6 +846,7 @@
jbig2_release_huffman_table(ctx, tparams->SBHUFFRDY);
jbig2_release_huffman_table(ctx, tparams->SBHUFFRDW);
jbig2_release_huffman_table(ctx, tparams->SBHUFFRDH);
+ jbig2_release_huffman_table(ctx, tparams->SBHUFFRSIZE);
}
jbig2_free(ctx->allocator, tparams);
}