Call png_image_free_function without guarding it with png_safe_execute

png_image_free_function (or any other destructor) should never fail.
Destructors need not and must not be executed under png_safe_execute.

Reference: CVE-2019-7317, use-after-free in png_image_free
1 file changed