authorSlávek Banko <slavek.banko@axis.cz>2019-01-28 10:56:46 +0100
committerSlávek Banko <slavek.banko@axis.cz>2019-03-03 15:36:55 +0100
commit83036c3af1ff5439b9106a31738650c54920e475 (patch)
tree65931e8857a88f1205e2b659d671ad585acdb247
parentb7be699a0982bb35f229337616bb24795d4762ed (diff)
downloadtqt3-83036c3af1ff5439b9106a31738650c54920e475.tar.gz
tqt3-83036c3af1ff5439b9106a31738650c54920e475.zip
Check for TQImage allocation failure in qasyncimageio.
Since image files easily can be (or corrupt files claim to be) huge, it is worth checking for out of memory situations. Based on Qt5 patch for CVE-2018-19870. Signed-off-by: Slávek Banko <slavek.banko@axis.cz>
-rw-r--r--src/kernel/qasyncimageio.cpp9
1 files changed, 6 insertions, 3 deletions
diff --git a/src/kernel/qasyncimageio.cpp b/src/kernel/qasyncimageio.cpp
index a8196e93..8605c79a 100644
--- a/src/kernel/qasyncimageio.cpp
+++ b/src/kernel/qasyncimageio.cpp
@@ -964,9 +964,12 @@ int TQGIFFormat::decode(TQImage& img, TQImageConsumer* consumer,
if (backingstore.width() < w
|| backingstore.height() < h) {
// We just use the backing store as a byte array
- backingstore.create( TQMAX(backingstore.width(), w),
- TQMAX(backingstore.height(), h),
- 32);
+ if(!backingstore.create( TQMAX(backingstore.width(), w),
+ TQMAX(backingstore.height(), h),
+ 32)) {
+ state = Error;
+ return -1;
+ }
memset( img.bits(), 0, img.numBytes() );
}
for (int ln=0; ln<h; ln++) {
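Review bot: The added guard covers only `backingstore.create()`, but the next line, `memset( img.bits(), 0, img.numBytes() )`, writes through `img`, whose allocation is not checked anywhere in this hunk. If `img` is created elsewhere in `decode()` from the same file-supplied dimensions, that call needs the same `state = Error; return -1;` handling; this cannot be confirmed here because the body of `decode()` starts and ends outside the hunk. It is also worth confirming that clearing `img` rather than the newly created buffer is intended. Unless `create()` zero-fills, `backingstore` keeps whatever the allocator returned, and copying it back into a frame later would expose uninitialised memory. If clearing the buffer was the intent, `memset( backingstore.bits(), 0, backingstore.numBytes() );` would match the comment above the call.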