1. 24 Jul, 2019 1 commit
  2. 27 Nov, 2018 1 commit
  3. 04 Oct, 2018 5 commits
  4. 29 Sep, 2018 2 commits
  5. 29 Jun, 2018 2 commits
  6. 24 May, 2018 1 commit
  7. 11 May, 2018 2 commits
  8. 07 May, 2018 1 commit
  9. 28 Mar, 2018 1 commit
  10. 17 Mar, 2018 3 commits
  11. 08 Mar, 2018 4 commits
  12. 07 Mar, 2018 5 commits
  13. 25 Feb, 2018 3 commits
  14. 10 Feb, 2018 1 commit
  15. 20 Dec, 2017 4 commits
  16. 18 Dec, 2017 2 commits
  17. 03 Jul, 2017 2 commits
    • Sebastian Ramacher's avatar
    • Adrien Schildknecht's avatar
      Fix double free in pdf_page_init() · 83b3f9e7
      Adrien Schildknecht authored
      In case of failure in 'pdf_page_init', the mupdf_page is being cleared
      and freed but the zathura_page still holds a pointer to it, resulting
      in a double free when 'pdf_page_clear' is later called.
      
      The execution flow resulting in a double free is the following:
        zathura_page_new()
          pdf_page_init()
            zathura_page_set_data()
            failure of fz_load_page(),fz_bound_page() or fz_new_stext_sheet()
            pdf_page_clear()
          zathura_page_free()
            pdf_page_clear() // double free
      
      Make sure 'zathura_page_set_data' is called only if no errors occurred
      so that page->data never points to freed memory.
      83b3f9e7