[libpng15] Fixed a potential null pointer dereference in png_set_text_2()
(bug report and patch by Patrick Keshishian)
diff --git a/ANNOUNCE b/ANNOUNCE
index 569c60c..a16412e 100644
--- a/ANNOUNCE
+++ b/ANNOUNCE
@@ -49,6 +49,8 @@
Since signed overflow is undefined in C90 the code has been modified to
correctly calculate a signed result. This requires changing the 'hi'
result parameter to a signed value.
+ Fixed a potential null pointer dereference in png_set_text_2() (bug report
+ and patch by Patrick Keshishian)
Send comments/corrections/commendations to png-mng-implement at lists.sf.net
(subscription required; visit
diff --git a/CHANGES b/CHANGES
index 877e07f..dfb660a 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4528,6 +4528,8 @@
ensure that it is correct.
version 1.5.28 [December 29, 2016]
+ Fixed a potential null pointer dereference in png_set_text_2() (bug report
+ and patch by Patrick Keshishian).
Send comments/corrections/commendations to png-mng-implement at lists.sf.net
(subscription required; visit
diff --git a/png.c b/png.c
index 916eab4..26c4556 100644
--- a/png.c
+++ b/png.c
@@ -369,6 +369,7 @@
png_free(png_ptr, info_ptr->text);
info_ptr->text = NULL;
info_ptr->num_text = 0;
+ info_ptr->max_text = 0;
}
}
#endif