Fix security issue CVE-2014-0190

[taken from RedHat Qt3 patches] (cherry picked from commit ebf9a9871a)
9 years ago · f457b176b5
parent 9577716fc3
commit f457b176b5
1 changed files with 6 additions and 1 deletions
--- a/src/kernel/qasyncimageio.cpp
+++ b/src/kernel/qasyncimageio.cpp
@ -904,7 +904,12 @@ int TQGIFFormat::decode(TQImage& img, TQImageConsumer* consumer,
 		    sheight = newtop + newheight;

 		if (img.isNull()) {
-		    img.create(swidth, sheight, 32);
+		    if (!img.create(swidth, sheight, 32)) {
+			// Check if the attempt to create the image failed. If
+			// it did, the image is broken and we should give up.
+			state = Error;
+			return -1;
+		    }
 		    memset( img.bits(), 0, img.numBytes() );
 		    if (consumer) consumer->setSize(swidth, sheight);
 		}