Shadings - initialise a struct member in case of later error

OSS-fuzz #50113 If alloc_patch_fill_memory() fails, we would return to the caller, which would then free the patch_fill_state, which would try to dereference the 'pcic' member in order to remove a colour from the ICC cache. But the colour had not been added to the cache and pcic was uninitialised, resulting in a seg fault.
author: Ken Sharp <ken.sharp@artifex.com> 2022-08-13 16:14:04 +0100
committer: Ken Sharp <ken.sharp@artifex.com> 2022-08-13 17:18:11 +0100
commit: b1b4a6c0d439b3ffc3d40e3d4087fcbb8c20831c (patch)
tree: a499436bb273d7e475ec839e01c0e7600b640c1b
parent: 453c28fcf701ca71c3e35bf4f9cb90a02ecabb2c (diff)
download: ghostpdl-b1b4a6c0d439b3ffc3d40e3d4087fcbb8c20831c.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/base/gxshade6.c b/base/gxshade6.c
index 334e05a65..5183e607c 100644
--- a/base/gxshade6.c
+++ b/base/gxshade6.c
@@ -1,4 +1,4 @@
-/* Copyright (C) 2001-2021 Artifex Software, Inc.
+/* Copyright (C) 2001-2022 Artifex Software, Inc.
    All Rights Reserved.
 
    This software is provided AS-IS with no warranty, either express or
@@ -295,6 +295,7 @@ init_patch_fill_state(patch_fill_state_t *pfs)
     pfs->color_stack = NULL;
     pfs->color_stack_limit = NULL;
     pfs->unlinear = !is_linear_color_applicable(pfs);
+    pfs->pcic = NULL;
     return alloc_patch_fill_memory(pfs, pfs->pgs->memory, pcs);
 }
author	Ken Sharp <ken.sharp@artifex.com>	2022-08-13 16:14:04 +0100
committer	Ken Sharp <ken.sharp@artifex.com>	2022-08-13 17:18:11 +0100
commit	b1b4a6c0d439b3ffc3d40e3d4087fcbb8c20831c (patch)
tree	a499436bb273d7e475ec839e01c0e7600b640c1b
parent	453c28fcf701ca71c3e35bf4f9cb90a02ecabb2c (diff)
download	ghostpdl-b1b4a6c0d439b3ffc3d40e3d4087fcbb8c20831c.tar.gz