evas: improve png safety

Change-Id: Id7f6a2b40d9e617382df05ed3aade796fdb26497

diff --git a/src/modules/evas/image_loaders/png/evas_image_load_png.c b/src/modules/evas/image_loaders/png/evas_image_load_png.c
index c85438a940de57cff3b6019789d3032d1f471835..1d1416d7c1a14defb2272c22d34185d2fa444651 100644 (file)
--- a/src/modules/evas/image_loaders/png/evas_image_load_png.c
+++ b/src/modules/evas/image_loaders/png/evas_image_load_png.c
@@ -819,15 +819,15 @@ evas_image_load_file_data_png(void *loader_data,
    //TIZEN_ONLY(20201111): Support APNG Image Format
    Evas_Image_Animated *animated = loader->animated;
    //
-   Evas_Image_Load_Opts *opts;
-   Eina_File *f;
+   Evas_Image_Load_Opts *opts = NULL;
+   Eina_File *f = NULL;
 
-   unsigned char *surface;
+   unsigned char *surface = NULL;
    Evas_PNG_Info epi;
    unsigned int pack_offset;
-   int w, h;
+   int w = 0, h = 0;
    char passes;
-   int i, j, p, k;
+   int i = 0, j = 0, p = 0, k = 0;
    volatile int scale_ratio = 1;
    volatile int region_set = 0;
    int image_w = 0, image_h = 0;
@@ -865,11 +865,16 @@ evas_image_load_file_data_png(void *loader_data,
 
         goto close_file;
      }
-   //
 
    if (!_evas_image_load_file_internal_head_png(loader, prop, &epi, error, EINA_FALSE))
      return EINA_FALSE;
 
+    if (!pixels)
+     {
+        *error = EVAS_LOAD_ERROR_GENERIC;
+        goto close_file;
+     }
+
    if (setjmp(png_jmpbuf(epi.png_ptr)))
      {
         *error = EVAS_LOAD_ERROR_CORRUPT_FILE;