Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Call png_image_free_function without guarding it with png_safe_execute
png_image_free_function (or any other destructor) should never fail. Destructors need not and must not be executed under png_safe_execute. Reference: CVE-2019-7317, use-after-free in png_image_free Upstream commit: pnggroup/libpng@9c0d5c7 pnggroup/libpng#275 Change-Id: I1f8f39bb80e8be17aaa565c8efc28a93d56b0b12
- Loading branch information