From: Cristy <urban-warrior@imagemagick.org>
Date: Wed, 25 Apr 2018 00:07:33 +0000 (-0400)
Subject: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7964
X-Git-Tag: 7.0.7-29~43
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=0ccf947aab17e9408f9db741698f1cd3895268fc;p=imagemagick

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7964
---

diff --git a/MagickCore/draw.c b/MagickCore/draw.c
index 38cd16141..8400f3d04 100644
--- a/MagickCore/draw.c
+++ b/MagickCore/draw.c
@@ -1534,6 +1534,8 @@ static MagickBooleanType DrawDashPolygon(const DrawInfo *draw_info,
     (2UL*number_vertices+32UL),sizeof(*dash_polygon));
   if (dash_polygon == (PrimitiveInfo *) NULL)
     return(MagickFalse);
+  (void) memset(dash_polygon,0,(2UL*number_vertices+32UL)*
+    sizeof(*dash_polygon));
   clone_info=CloneDrawInfo((ImageInfo *) NULL,draw_info);
   clone_info->miterlimit=0;
   dash_polygon[0]=primitive_info[0];
@@ -2850,6 +2852,8 @@ MagickExport MagickBooleanType DrawImage(Image *image,const DrawInfo *draw_info,
                     status=MagickFalse;
                     break;
                   }
+                (void) memset(graphic_context[n]->dash_pattern,0,(2UL*x+2UL)*
+                  sizeof(*graphic_context[n]->dash_pattern));
                 for (j=0; j < x; j++)
                 {
                   GetNextToken(q,&q,extent,token);