From 10b4736669928673cc9a5c5f2a88ffdc92f1b560 Mon Sep 17 00:00:00 2001
From: Augustus <wangdw.augustus@qq.com>
Date: Mon, 7 Mar 2022 18:21:49 +0800
Subject: [PATCH 1/3] add checks for return value of limitMalloc (#392)

---
 tools/tiffcrop.c | 32 ++++++++++++++++++++------------
 1 file changed, 20 insertions(+), 12 deletions(-)

diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c
index 61bafc5..68ac071 100644
--- a/tools/tiffcrop.c
+++ b/tools/tiffcrop.c
@@ -7316,7 +7316,11 @@ createImageSection(uint32 sectsize, unsigned char **sect_buff_ptr)
   if (!sect_buff)
     {
     sect_buff = (unsigned char *)_TIFFmalloc(sectsize);
-    *sect_buff_ptr = sect_buff;
+    if (!sect_buff)
+    {
+        TIFFError("createImageSection", "Unable to allocate/reallocate section buffer");
+        return (-1);
+    }
     _TIFFmemset(sect_buff, 0, sectsize);
     }
   else
@@ -7332,15 +7336,15 @@ createImageSection(uint32 sectsize, unsigned char **sect_buff_ptr)
       else
         sect_buff = new_buff;
 
+      if (!sect_buff)
+      {
+          TIFFError("createImageSection", "Unable to allocate/reallocate section buffer");
+          return (-1);
+      }
       _TIFFmemset(sect_buff, 0, sectsize);
       }
     }
 
-  if (!sect_buff)
-    {
-    TIFFError("createImageSection", "Unable to allocate/reallocate section buffer");
-    return (-1);
-    }
   prev_sectsize = sectsize;
   *sect_buff_ptr = sect_buff;
 
@@ -7607,7 +7611,11 @@ createCroppedImage(struct image_data *image, struct crop_mask *crop,
   if (!crop_buff)
     {
     crop_buff = (unsigned char *)_TIFFmalloc(cropsize);
-    *crop_buff_ptr = crop_buff;
+    if (!crop_buff)
+    {
+        TIFFError("createCroppedImage", "Unable to allocate/reallocate crop buffer");
+        return (-1);
+    }
     _TIFFmemset(crop_buff, 0, cropsize);
     prev_cropsize = cropsize;
     }
@@ -7623,15 +7631,15 @@ createCroppedImage(struct image_data *image, struct crop_mask *crop,
         }
       else
         crop_buff = new_buff;
+      if (!crop_buff)
+      {
+          TIFFError("createCroppedImage", "Unable to allocate/reallocate crop buffer");
+          return (-1);
+      }
       _TIFFmemset(crop_buff, 0, cropsize);
       }
     }
 
-  if (!crop_buff)
-    {
-    TIFFError("createCroppedImage", "Unable to allocate/reallocate crop buffer");
-    return (-1);
-    }
   *crop_buff_ptr = crop_buff;
 
   if (crop->crop_mode & CROP_INVERT)
-- 
2.27.0