From a51cbd865f922b9a39a0db421ab84b6c4108bd56 Mon Sep 17 00:00:00 2001
From: Albert Astals Cid <aacid@kde.org>
Date: Sun, 3 Feb 2019 13:47:20 +0100
Subject: [PATCH] tga: fail gracefully if readRawData errors

oss-fuzz/12818
---
 src/imageformats/tga.cpp | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/imageformats/tga.cpp b/src/imageformats/tga.cpp
index ab05e33..cbe4089 100644
--- a/src/imageformats/tga.cpp
+++ b/src/imageformats/tga.cpp
@@ -206,6 +206,9 @@ static bool LoadTGA(QDataStream &s, const TgaHeader &tga, QImage &img)
         // @todo Support palettes in other formats!
         const int size = 3 * tga.colormap_length;
         const int dataRead = s.readRawData(palette, size);
+        if (dataRead < 0) {
+            return false;
+        }
         if (dataRead < size) {
             memset(&palette[dataRead], 0, size - dataRead);
         }
@@ -260,6 +263,10 @@ static bool LoadTGA(QDataStream &s, const TgaHeader &tga, QImage &img)
     } else {
         // Read raw image.
         const int dataRead = s.readRawData((char *)image, size);
+        if (dataRead < 0) {
+            free(image);
+            return false;
+        }
         if (dataRead < size) {
             memset(&image[dataRead], 0, size - dataRead);
         }