From ebfef687074fdb08b78bdb47a54fbb2d034a198a Mon Sep 17 00:00:00 2001
From: Kleis Auke Wolthuizen <github@kleisauke.nl>
Date: Mon, 13 Jun 2022 13:59:40 +0200
Subject: [PATCH] cgifsave: fix stack-use-after-scope (#2862)

By reusing `cgif->palette_rgb`, this ensures that `pLocalPalette`
doesn't become indeterminate when it reaches `cgif_addframe`.
---
 libvips/foreign/cgifsave.c | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/libvips/foreign/cgifsave.c b/libvips/foreign/cgifsave.c
index c285ad15..b001562a 100644
--- a/libvips/foreign/cgifsave.c
+++ b/libvips/foreign/cgifsave.c
@@ -99,7 +99,7 @@ typedef struct _VipsForeignSaveCgif {
 	int *palette;
 	int n_colours;
 
-	/* The global palette as RGB (not RGBA).
+	/* The palette as RGB (not RGBA).
 	 */
 	VipsPel palette_rgb[256 * 3];
 
@@ -576,12 +576,10 @@ vips_foreign_save_cgif_write_frame( VipsForeignSaveCgif *cgif )
 	/* Attach a local palette, if we need one.
 	 */
 	if( use_local ) {
-		VipsPel rgb[256 * 3];
-
 		vips_foreign_save_cgif_get_rgb_palette( cgif,
-			quantisation_result, rgb );
+			quantisation_result, cgif->palette_rgb );
 		frame_config.attrFlags |= CGIF_FRAME_ATTR_USE_LOCAL_TABLE;
-		frame_config.pLocalPalette = rgb;
+		frame_config.pLocalPalette = cgif->palette_rgb;
 		frame_config.numLocalPaletteEntries = n_colours;
 	}