Fix security issue CVE-2014-0190

[taken from RedHat Qt3 patches] (cherry picked from commit ebf9a9871a1424469c6850d1844b1487e32d137a)
author: Slávek Banko <slavek.banko@axis.cz> 2015-03-09 22:32:50 +0100
committer: Slávek Banko <slavek.banko@axis.cz> 2015-03-09 22:38:32 +0100
commit: f457b176b5e94faffc78cdef05d9e99b7ad90e64 (patch)
tree: 9c85b5245b79bda25e4a88235f724c6dee2f8d3b /src
parent: 9577716fc34938519a9c57c262efec35bdb3c0d6 (diff)
download: tqt3-f457b176b5e94faffc78cdef05d9e99b7ad90e64.tar.gz
tqt3-f457b176b5e94faffc78cdef05d9e99b7ad90e64.zip
1 files changed, 6 insertions, 1 deletions
diff --git a/src/kernel/qasyncimageio.cpp b/src/kernel/qasyncimageio.cpp
index c42e876ef..489d69af2 100644
--- a/src/kernel/qasyncimageio.cpp
+++ b/src/kernel/qasyncimageio.cpp
@@ -904,7 +904,12 @@ int TQGIFFormat::decode(TQImage& img, TQImageConsumer* consumer,
 		    sheight = newtop + newheight;
 
 		if (img.isNull()) {
-		    img.create(swidth, sheight, 32);
+		    if (!img.create(swidth, sheight, 32)) {
+			// Check if the attempt to create the image failed. If
+			// it did, the image is broken and we should give up.
+			state = Error;
+			return -1;
+		    }
 		    memset( img.bits(), 0, img.numBytes() );
 		    if (consumer) consumer->setSize(swidth, sheight);
 		}
author	Slávek Banko <slavek.banko@axis.cz>	2015-03-09 22:32:50 +0100
committer	Slávek Banko <slavek.banko@axis.cz>	2015-03-09 22:38:32 +0100
commit	f457b176b5e94faffc78cdef05d9e99b7ad90e64 (patch)
tree	9c85b5245b79bda25e4a88235f724c6dee2f8d3b /src
parent	9577716fc34938519a9c57c262efec35bdb3c0d6 (diff)
download	tqt3-f457b176b5e94faffc78cdef05d9e99b7ad90e64.tar.gz tqt3-f457b176b5e94faffc78cdef05d9e99b7ad90e64.zip