From 3e0b913e44c46962147a0b50db29b89108ac9e82 Mon Sep 17 00:00:00 2001
From: Andreas Kling
Date: Sun, 20 Dec 2020 15:22:41 +0100
Subject: [PATCH] LibGfx: Fail PNG decode if output bitmap can't be allocated

Otherwise we'll assert soon afterwards.

Found by oss-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28838
---
 Libraries/LibGfx/PNGLoader.cpp | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/Libraries/LibGfx/PNGLoader.cpp b/Libraries/LibGfx/PNGLoader.cpp
index d687ee6b2a..47b03ff391 100644
--- a/Libraries/LibGfx/PNGLoader.cpp
+++ b/Libraries/LibGfx/PNGLoader.cpp
@@ -617,6 +617,11 @@ static bool decode_png_bitmap_simple(PNGLoadingContext& context)
     context.bitmap = Bitmap::create_purgeable(context.has_alpha() ? BitmapFormat::RGBA32 : BitmapFormat::RGB32, { context.width, context.height });
 
+    if (!context.bitmap) {
+        context.state = PNGLoadingContext::State::Error;
+        return false;
+    }
+
     unfilter(context);
     return true;