From: Jiyong Min <jiyong.min@samsung.com>
Date: Fri, 28 Apr 2017 09:40:07 +0000 (+0900)
Subject: Apply CVE-2016-10087 fix null-pointer-dereference bug in png_set_text_2()
X-Git-Tag: accepted/tizen/unified/20170518.182519^0
X-Git-Url: http://review.tizen.org/git/?p=platform%2Fupstream%2Flibpng.git;a=commitdiff_plain;h=396cc2b2522e802a19f08f851605371f8d3f18ea

Apply CVE-2016-10087 fix null-pointer-dereference bug in png_set_text_2()

Fixed a potential null pointer dereference in png_set_text_2() (bug report
and patch by Patrick Keshishian).
https://nvd.nist.gov/vuln/detail/CVE-2016-10087

Change-Id: Ie90ccd0772335cbf0715bfd6da0a3d5c1b6eff99
Signed-off-by: Jiyong Min <jiyong.min@samsung.com>
---

diff --git a/png.c b/png.c
old mode 100644
new mode 100755
index 1d1bde5..4a9d85c
--- a/png.c
+++ b/png.c
@@ -477,6 +477,7 @@ png_free_data(png_const_structrp png_ptr, png_inforp info_ptr, png_uint_32 mask,
          png_free(png_ptr, info_ptr->text);
          info_ptr->text = NULL;
          info_ptr->num_text = 0;
+         info_ptr->max_text = 0;
       }
    }
 #endif