From 93b9f7236ce09614ea5edcb0f616f1b4095c4830 Mon Sep 17 00:00:00 2001
From: Sebastian Rasmussen
Date: Tue, 23 Jun 2020 02:18:19 +0800
Subject: [PATCH] openjp2: Error out if failing to create Tier 1 handle.

Previously when the handle failed to be created (e.g. when opj_calloc returned NULL due to low memory), the code still assumed that the t1 handle pointer was valid and dereferenced NULL, causing a crash. After this commit OpenJPEG will instead error out under this condition. This fixes issue #1255.
---
 src/lib/openjp2/t1.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/lib/openjp2/t1.c b/src/lib/openjp2/t1.c
index f6f76711..f47764f8 100644
--- a/src/lib/openjp2/t1.c
+++ b/src/lib/openjp2/t1.c
@@ -1658,6 +1658,13 @@ static void opj_t1_clbl_decode_processor(void* user_data, opj_tls_t* tls)
 t1 = (opj_t1_t*) opj_tls_get(tls, OPJ_TLS_KEY_T1);
 if (t1 == NULL) {
 t1 = opj_t1_create(OPJ_FALSE);
+ if (t1 == NULL) {
+ opj_event_msg(job->p_manager, EVT_ERROR,
+ "Cannot allocate Tier 1 handle\n");
+ *(job->pret) = OPJ_FALSE;
+ opj_free(job);
+ return;
+ }
 opj_tls_set(tls, OPJ_TLS_KEY_T1, t1, opj_t1_destroy_wrapper);
 }
 t1->mustuse_cblkdatabuffer = job->mustuse_cblkdatabuffer;
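Review bot: The `opj_tls_set(tls, OPJ_TLS_KEY_T1, t1, opj_t1_destroy_wrapper)` call directly after the new NULL check still has its result ignored, so the low-memory condition this commit targets is only half handled. Assuming opj_tls_set returns OPJ_BOOL and can itself fail on allocation (its definition is not in this hunk), a failure leaves the fresh t1 unregistered: the destroy wrapper never runs for it, and each later job on this worker thread would allocate another handle. Since a decoder fed untrusted images can be pushed into memory pressure by large inputs, the failure path should release t1 and fail the job the same way the new branch does. The function body starts and ends outside the hunk, so how `*(job->pret)` is consumed by the caller is not visible here.

```c
        t1 = opj_t1_create(OPJ_FALSE);
        /* … unchanged: NULL check on t1 added by this commit … */
        if (!opj_tls_set(tls, OPJ_TLS_KEY_T1, t1, opj_t1_destroy_wrapper)) {
            opj_event_msg(job->p_manager, EVT_ERROR,
                          "Cannot register Tier 1 handle in TLS\n");
            opj_t1_destroy(t1);   /* TLS does not own it yet, release here */
            *(job->pret) = OPJ_FALSE;
            opj_free(job);
            return;
        }
```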