From 56075006131263e0859808d263d6d22cd4594fb9 Mon Sep 17 00:00:00 2001
From: Even Rouault <even.rouault@spatialys.com>
Date: Tue, 29 Aug 2017 10:25:47 +0200
Subject: PJ_horner.c: fix memory leaks. Fixes
 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3204. Credit to OSS
 Fuzz

---
 src/PJ_horner.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/PJ_horner.c b/src/PJ_horner.c
index 56980f72..c6560d3a 100644
--- a/src/PJ_horner.c
+++ b/src/PJ_horner.c
@@ -128,6 +128,8 @@ static void horner_free (HORNER *h) {
     horner_dealloc (h->fwd_u);
     horner_dealloc (h->fwd_c);
     horner_dealloc (h->inv_c);
+    horner_dealloc (h->fwd_origin);
+    horner_dealloc (h->inv_origin);
     horner_dealloc (h);
 }
 
@@ -406,8 +408,10 @@ static int parse_coefs (PJ *P, double *coefs, char *param, int ncoefs) {
     }
 
     sprintf (buf, "t%s", param);
-    if (0==pj_param (P->ctx, P->params, buf).i)
+    if (0==pj_param (P->ctx, P->params, buf).i) {
+        pj_dealloc (buf);
         return 0;
+    }
     sprintf (buf, "s%s", param);
     init = pj_param(P->ctx, P->params, buf).s;
     pj_dealloc (buf);
-- 
cgit v1.2.3