From d276bcb7f0c02c20d3585b2e5626702df6d140a6 Mon Sep 17 00:00:00 2001
From: Werner Lemberg
Date: Sun, 9 Jan 2022 07:48:59 +0100
Subject: [PATCH] [bzip2] Avoid use of uninitialized memory.

* src/bzip2/ftbzip2.c (FT_Stream_OpenBzip2): Don't use `FT_QNEW` but `FT_NEW` for setting up `zip` to avoid uninitialized memory access while handling malformed PCF fonts later on.

Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42800
---
 src/bzip2/ftbzip2.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/bzip2/ftbzip2.c b/src/bzip2/ftbzip2.c
index 296cea088..704979406 100644
--- a/src/bzip2/ftbzip2.c
+++ b/src/bzip2/ftbzip2.c
@@ -481,7 +481,9 @@
 FT_ZERO( stream );
 stream->memory = memory;
- if ( !FT_QNEW( zip ) )
+ /* Don't use `FT_QNEW` here to avoid problems with uninitialized */
+ /* memory later on if the font is malformed. */
+ if ( !FT_NEW( zip ) )
 {
 error = ft_bzip2_file_init( zip, stream, source );
 if ( error )
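Review bot: The new comment above `if ( !FT_NEW( zip ) )` records that `FT_QNEW` is avoided but not which member of `zip` is read before `ft_bzip2_file_init` assigns it, so the reason evaporates the moment someone switches back to `FT_QNEW` for speed or adds a field to the struct; the commit message names malformed PCF fonts, so the read presumably happens on an error or partially-initialized path, but the hunk does not show it. I would have the comment carry the field name or at least the reference, e.g. `/* Use FT_NEW (zeroing) rather than FT_QNEW: with a malformed PCF font */` `/* a member of zip can otherwise be read before it is assigned;       */` `/* see oss-fuzz issue 42800.                                          */`. Zeroing at allocation is a sound default for a struct that other code inspects, but it masks the ordering dependency rather than removing it, so a check at the consumer that the member was set would be worth considering as the complementary fix. FT_Stream_OpenBzip2 starts before the hunk and continues after it.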