msLoadFontSet(): fix null pointer dereference

rouault · github-actions[bot] · commit 4c423d3e5278 · 2022-10-06T13:04:23.000Z
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52131
diff --git a/maplabel.c b/maplabel.c
@@ -792,6 +792,7 @@ int msLoadFontSet(fontSetObj *fontset, mapObj *map)
   char szPath[MS_MAXPATHLEN];
   int i;
   int bFullPath = 0;
+  const char* realpath;
 
   if(fontset->numfonts != 0) /* already initialized */
     return(0);
@@ -809,7 +810,12 @@ int msLoadFontSet(fontSetObj *fontset, mapObj *map)
   /* return(-1); */
   /* } */
 
-  stream = VSIFOpenL( msBuildPath(szPath, fontset->map->mappath, fontset->filename), "rb");
+  realpath = msBuildPath(szPath, fontset->map->mappath, fontset->filename);
+  if( !realpath ) {
+    free(path);
+    return -1;
+  }
+  stream = VSIFOpenL( realpath, "rb");
   if(!stream) {
     msSetError(MS_IOERR, "Error opening fontset %s.", "msLoadFontset()",
                fontset->filename);
