Fix missing null dereference checks

Author: wiredfool

src/_avif.c

@@ -708,15 +708,27 @@ _decoder_get_info(AvifDecoderObject *self) {
 
     if (image->xmp.size) {
         xmp = PyBytes_FromStringAndSize((const char *)image->xmp.data, image->xmp.size);
+        if (!xmp) {
+          return NULL;
+        }
     }
 
     if (image->exif.size) {
         exif =
             PyBytes_FromStringAndSize((const char *)image->exif.data, image->exif.size);
+        if (!exif) {
+          Py_XDECREF(xmp);
+          return NULL;
+        }
     }
 
     if (image->icc.size) {
         icc = PyBytes_FromStringAndSize((const char *)image->icc.data, image->icc.size);
+        if (!icc) {
+          Py_XDECREF(xmp);
+          Py_XDECREF(exif);
+          return NULL;
+        }
     }
 
     ret = Py_BuildValue(
@@ -799,13 +811,17 @@ _decoder_get_frame(AvifDecoderObject *self, PyObject *args) {
 
     if (rgb.height > PY_SSIZE_T_MAX / rgb.rowBytes) {
         PyErr_SetString(PyExc_MemoryError, "Integer overflow in pixel size");
+        // UNDONE avifRGBImageFreePixels(&rgb); ??
         return NULL;
     }
 
     size = rgb.rowBytes * rgb.height;
 
     bytes = PyBytes_FromStringAndSize((char *)rgb.pixels, size);
     avifRGBImageFreePixels(&rgb);
+    if (!bytes) {
+        return NULL;
+    }
 
     ret = Py_BuildValue(
         "SKKK",

src/_imaging.c

@@ -2469,6 +2469,9 @@ _split(ImagingObject *self) {
     }
 
     list = PyTuple_New(self->image->bands);
+    if (!list) {
+        return NULL;
+    }
     for (i = 0; i < self->image->bands; i++) {
         imaging_object = PyImagingNew(bands[i]);
         if (!imaging_object) {
@@ -3765,6 +3768,9 @@ _ptr_destructor(PyObject *capsule) {
 static PyObject *
 _getattr_ptr(ImagingObject *self, void *closure) {
     PyObject *capsule = PyCapsule_New(self->image, IMAGING_MAGIC, _ptr_destructor);
+    if (!capsule) {
+        return NULL;
+    }
     Py_INCREF(self);
     PyCapsule_SetContext(capsule, self);
     return capsule;

src/_imagingft.c

@@ -941,6 +941,10 @@ font_render(FontObject *self, PyObject *args) {
         return NULL;
     }
     PyObject *imagePtr = PyObject_GetAttrString(image, "ptr");
+    if (!imagePtr) {
+        PyMem_Del(glyph_info);
+        return NULL;
+    }
     im = (Imaging)PyCapsule_GetPointer(imagePtr, IMAGING_MAGIC);
     Py_XDECREF(imagePtr);
 

src/_imagingmorph.c

@@ -143,6 +143,9 @@ match(PyObject *self, PyObject *args) {
     }
 
     imgin = (Imaging)PyCapsule_GetPointer(i0, IMAGING_MAGIC);
+    if (!imgin) {
+        return NULL;
+    }
 
     if (imgin->type != IMAGING_TYPE_UINT8 || imgin->bands != 1) {
         PyErr_SetString(PyExc_RuntimeError, "Unsupported image type");
@@ -185,6 +188,10 @@ match(PyObject *self, PyObject *args) {
                  (b6 << 6) | (b7 << 7) | (b8 << 8));
             if (lut[lut_idx]) {
                 PyObject *coordObj = Py_BuildValue("(nn)", col_idx, row_idx);
+                if (!coordObj) {
+                    Py_XDECREF(ret);
+                    return NULL;
+                }
                 PyList_Append(ret, coordObj);
                 Py_XDECREF(coordObj);
             }
@@ -230,6 +237,10 @@ get_on_pixels(PyObject *self, PyObject *args) {
         for (col_idx = 0; col_idx < width; col_idx++) {
             if (row[col_idx]) {
                 PyObject *coordObj = Py_BuildValue("(nn)", col_idx, row_idx);
+                if (!coordObj) {
+                    Py_XDECREF(ret);
+                    return NULL;
+                }
                 PyList_Append(ret, coordObj);
                 Py_XDECREF(coordObj);
             }

src/_webp.c

@@ -503,6 +503,9 @@ _anim_decoder_get_next(PyObject *self) {
     bytes = PyBytes_FromStringAndSize(
         (char *)buf, decp->info.canvas_width * 4 * decp->info.canvas_height
     );
+    if (!bytes) {
+        return NULL;
+    }
 
     ret = Py_BuildValue("Si", bytes, timestamp);