diff options
| author | mhm@chromium.org <mhm@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-06-01 22:41:42 +0000 |
|---|---|---|
| committer | mhm@chromium.org <mhm@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-06-01 22:41:42 +0000 |
| commit | 07aa910d904da92ba9d461d4f867b9438ace6ce0 (patch) | |
| tree | 4c4efa14aa4a652b9a27724f1d79f4a73d3ba77e /third_party/libpng/pngread.c | |
| parent | f4145d43019e7ba00c539e54ac7fb57944f17915 (diff) | |
| download | chromium_src-07aa910d904da92ba9d461d4f867b9438ace6ce0.zip chromium_src-07aa910d904da92ba9d461d4f867b9438ace6ce0.tar.gz chromium_src-07aa910d904da92ba9d461d4f867b9438ace6ce0.tar.bz2 | |
Security bug for libpng, update needed to 1.2.36
There's a new version of libpng, 1.2.36 which fixes a security bug. Chrome/Chromium still runs on 1.2.35 it seems
BUG=13046
TEST=Ran tests
Review URL: http://codereview.chromium.org/112080
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@17365 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'third_party/libpng/pngread.c')
| -rw-r--r-- | third_party/libpng/pngread.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/third_party/libpng/pngread.c b/third_party/libpng/pngread.c index ace91ba..8e9c0cb 100644 --- a/third_party/libpng/pngread.c +++ b/third_party/libpng/pngread.c @@ -1434,11 +1434,11 @@ png_read_png(png_structp png_ptr, png_infop info_ptr, { info_ptr->row_pointers = (png_bytepp)png_malloc(png_ptr, info_ptr->height * png_sizeof(png_bytep)); + png_memset(info_ptr->row_pointers, 0, info_ptr->height + * png_sizeof(png_bytep)); #ifdef PNG_FREE_ME_SUPPORTED info_ptr->free_me |= PNG_FREE_ROWS; #endif - png_memset(info_ptr->row_pointers, 0, info_ptr->height - * png_sizeof(png_bytep)); for (row = 0; row < (int)info_ptr->height; row++) info_ptr->row_pointers[row] = (png_bytep)png_malloc(png_ptr, png_get_rowbytes(png_ptr, info_ptr)); |