commit c2a68df83faee582f0d6741f05116505b72b9d5d
author Chris Palmer <palmer@chromium.org> Fri Jun 30 14:01:36 2017 -0700
committer Chromium commit bot <commit-bot@chromium.org> Fri Jun 30 21:15:46 2017 +0000
tree feda1cd72cd420cf6601386992d033ec035696c9
parent 573b10a8869b7fe1e17c2d27ddbfc3d6ef93ba43

Use the right free function for ICC color profiles.

They are allocated with |opj_malloc| (which is just |malloc|), but we were
freeing them with |FX_Free|. But |FX_Free| recently changed to be
|PartitionFree|.

This is probably not the right ultimate fix, but it should solve the
high-occurence crash we're seeing in the short term.

BUG=chromium:737033

Change-Id: Ia162fe4e39731bd774d3eccb2357d9add26aa079
Reviewed-on: https://pdfium-review.googlesource.com/7230
Commit-Queue: Chris Palmer <palmer@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>

core/fxcodec/codec/fx_codec_jpx_opj.cpp

diff --git a/core/fxcodec/codec/fx_codec_jpx_opj.cpp b/core/fxcodec/codec/fx_codec_jpx_opj.cpp
index 74ab5f2..5d94d0e 100644
--- a/core/fxcodec/codec/fx_codec_jpx_opj.cpp
+++ b/core/fxcodec/codec/fx_codec_jpx_opj.cpp
@@ -769,7 +769,10 @@
     color_sycc_to_rgb(image);
   }
   if (image->icc_profile_buf) {
-    FX_Free(image->icc_profile_buf);
+    // TODO(crbug.com/737033): Using |free| here resolves the crash described in
+    // chromium:737033, but ultimately we need to harmonize the memory
+    // allocation strategy across OpenJPEG and its PDFium callers.
+    free(image->icc_profile_buf);
     image->icc_profile_buf = nullptr;
     image->icc_profile_len = 0;
   }