Overview

File gimp-CVE-2026-2044.patch of Package gimp.42860

From 3b5f9ec2b4c03cf4a51a5414f2793844c26747e5 Mon Sep 17 00:00:00 2001
From: Gabriele Barbero <barbero.gabriele03@gmail.com>
Date: Fri, 5 Dec 2025 19:13:01 +0100
Subject: [PATCH] ZDI-CAN-28158: use g_malloc0 instead of g_malloc

To avoid accessing uninitialized memory, replace calls to g_malloc with
g_malloc0 which initializes the allocated memory to zero.

(cherry picked from commit 112a5e038f0646eae5ae314988ec074433d2b365)
---
 plug-ins/common/file-pnm.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff -urp gimp-2.10.30.orig/plug-ins/common/file-pnm.c gimp-2.10.30/plug-ins/common/file-pnm.c
--- gimp-2.10.30.orig/plug-ins/common/file-pnm.c	2026-02-23 16:40:34.046358959 -0600
+++ gimp-2.10.30/plug-ins/common/file-pnm.c	2026-02-23 16:40:53.871524269 -0600
@@ -571,7 +571,7 @@ load_image (GFile   *file,
     return -1;
 
   /* allocate the necessary structures */
-  pnminfo = g_new (PNMInfo, 1);
+  pnminfo = g_new0 (PNMInfo, 1);
 
   scan = NULL;
   /* set error handling */
openSUSE Build Service is sponsored by
Places