authorWerner Lemberg <wl@gnu.org>2022-01-09 07:48:59 +0100
committerWerner Lemberg <wl@gnu.org>2022-01-09 07:48:59 +0100
commitd276bcb7f0c02c20d3585b2e5626702df6d140a6 (patch)
tree2f08223993b88172f287764f0fc43bd5395c2aa4
parentca0111289498f3f6ce28b3d78ff5a54ccdfd2d47 (diff)
downloadfreetype2-d276bcb7f0c02c20d3585b2e5626702df6d140a6.tar.gz
[bzip2] Avoid use of uninitialized memory.
* src/bzip2/ftbzip2.c (FT_Stream_OpenBzip2): Don't use `FT_QNEW` but `FT_NEW` for setting up `zip` to avoid uninitialized memory access while handling malformed PCF fonts later on. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42800
-rw-r--r--src/bzip2/ftbzip2.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/src/bzip2/ftbzip2.c b/src/bzip2/ftbzip2.c
index 296cea088..704979406 100644
--- a/src/bzip2/ftbzip2.c
+++ b/src/bzip2/ftbzip2.c
@@ -481,7 +481,9 @@
FT_ZERO( stream );
stream->memory = memory;
- if ( !FT_QNEW( zip ) )
+ /* Don't use `FT_QNEW` here to avoid problems with uninitialized */
+ /* memory later on if the font is malformed. */
+ if ( !FT_NEW( zip ) )
{
error = ft_bzip2_file_init( zip, stream, source );
if ( error )