From c021382022a9b5d1e61415f219eaa2b31a8c1a29 Mon Sep 17 00:00:00 2001 From: Eli Zaretskii Date: Wed, 19 Feb 2014 19:26:14 +0200 Subject: [PATCH] Avoid crashes on MS-Windows when JPEG images are too large. src/image.c (x_create_x_image_and_pixmap) [HAVE_NTGUI]: If CreateDIBSection returns an error indication, zero out *ximg after destroying the image. This avoids crashes in memory allocations due to the fact that some of the callers also call x_destroy_x_image, which will attempt to free an already free'd block of memory. --- src/ChangeLog | 9 +++++++++ src/image.c | 1 + 2 files changed, 10 insertions(+) diff --git a/src/ChangeLog b/src/ChangeLog index 0fc12fce809..cbc48a75469 100644 --- a/src/ChangeLog +++ b/src/ChangeLog @@ -1,3 +1,12 @@ +2014-02-19 Eli Zaretskii + + * image.c (x_create_x_image_and_pixmap) [HAVE_NTGUI]: If + CreateDIBSection returns an error indication, zero out *ximg after + destroying the image. This avoids crashes in memory allocations + due to the fact that some of the callers also call + x_destroy_x_image, which will attempt to free an already free'd + block of memory. + 2014-02-18 Martin Rudalics * widget.c (update_various_frame_slots): Don't set diff --git a/src/image.c b/src/image.c index e53ad0b4a30..d6d5ace509d 100644 --- a/src/image.c +++ b/src/image.c @@ -2019,6 +2019,7 @@ x_create_x_image_and_pixmap (struct frame *f, int width, int height, int depth, XSETINT (errcode, err); image_error ("Unable to create bitmap, error code %d", errcode, Qnil); x_destroy_x_image (*ximg); + *ximg = NULL; return 0; } -- 2.39.2