From ebf9a9871a1424469c6850d1844b1487e32d137a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sl=C3=A1vek=20Banko?= <slavek.banko@axis.cz>
Date: Mon, 9 Mar 2015 22:32:50 +0100
Subject: Fix security issue CVE-2014-0190 [taken from RedHat Qt3 patches]

---
 src/kernel/qasyncimageio.cpp | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/kernel/qasyncimageio.cpp b/src/kernel/qasyncimageio.cpp
index c42e876e..489d69af 100644
--- a/src/kernel/qasyncimageio.cpp
+++ b/src/kernel/qasyncimageio.cpp
@@ -904,7 +904,12 @@ int TQGIFFormat::decode(TQImage& img, TQImageConsumer* consumer,
 		    sheight = newtop + newheight;
 
 		if (img.isNull()) {
-		    img.create(swidth, sheight, 32);
+		    if (!img.create(swidth, sheight, 32)) {
+			// Check if the attempt to create the image failed. If
+			// it did, the image is broken and we should give up.
+			state = Error;
+			return -1;
+		    }
 		    memset( img.bits(), 0, img.numBytes() );
 		    if (consumer) consumer->setSize(swidth, sheight);
 		}
-- 
cgit v1.2.3