Description: CVE-2016-1577: Prevent double-free in jas_iccattrval_destroy() Origin: vendor, http://www.openwall.com/lists/oss-security/2016/03/03/12 Bug-Ubuntu: https://launchpad.net/bugs/1547865 Bug-Debian: https://bugs.debian.org/816625 Forwarded: not-needed Author: Tyler Hicks Reviewed-by: Salvatore Bonaccorso Last-Update: 2016-03-05 --- a/src/libjasper/base/jas_icc.c +++ b/src/libjasper/base/jas_icc.c @@ -300,6 +300,7 @@ jas_iccprof_t *jas_iccprof_load(jas_stre if (jas_iccprof_setattr(prof, tagtabent->tag, attrval)) goto error; jas_iccattrval_destroy(attrval); + attrval = 0; } else { #if 0 jas_eprintf("warning: skipping unknown tag type\n");