Properly convert static charsets to dynamic charsets.

Fix memory leak in error case (Coverity defects #1820, #1821, #1822).
Fix memory leak (Coverity defect #1819).
prevent crash when invalid include line is parsed (Coverity defect #763).
Fix potential null pointer access (Coverity defect #1804).
Remove dead code (Coverity defect #1194).
Prevent potential null pointer access (Coverity defect #767), ensure error
    value is read (Coverity defect #1195).
reviewed by: plam
This commit is contained in:
Patrick Lam 2006-04-11 14:20:59 +00:00
parent af2ad236f0
commit 04f7d3e7fd
8 changed files with 61 additions and 13 deletions

View File

@ -1,3 +1,32 @@
2006-04-11 Patrick Lam <plam@mit.edu>
* src/fccharset.c (FcCharSetPutLeaf):
Properly convert static charsets to dynamic charsets.
2006-04-11 Frederic Crozat <fcrozat@mandriva.com>
reviewed by: plam
* src/fcpat.c: (FcValueListEntCreate, FcPatternBaseFreeze,
FcPatternFreeze):
Fix memory leak in error case (Coverity defects #1820, #1821, #1822).
* src/fclang.c: (FcNameUnparseLangSet):
Fix memory leak (Coverity defect #1819).
* fc-lang/fc-lang.c: (scan):
prevent crash when invalid include line is parsed (Coverity defect
#763).
* fc-cat/fc-cat.c: (FcCacheFileRead):
Fix potential null pointer access (Coverity defect #1804).
* src/fcname.c: (FcObjectUnserialize):
Remove dead code (Coverity defect #1194).
* src/fcfreetype.c: (GetScriptTags):
Prevent potential null pointer access (Coverity defect #767),
ensure error value is read (Coverity defect #1195).
2006-04-11 Behdad Esfahbod <behdad@cs.toronto.edu> 2006-04-11 Behdad Esfahbod <behdad@cs.toronto.edu>
reviewed by: plam reviewed by: plam

View File

@ -244,6 +244,7 @@ FcCacheFileRead (FcFontSet * set, FcStrSet *dirs, char *cache_file)
char subdirName[FC_MAX_FILE_LEN + 1 + 12 + 1]; char subdirName[FC_MAX_FILE_LEN + 1 + 12 + 1];
static char name_buf[8192], *dir; static char name_buf[8192], *dir;
FcChar8 * ls; FcChar8 * ls;
char * buf;
if (!cache_file) if (!cache_file)
goto bail; goto bail;
@ -265,7 +266,8 @@ FcCacheFileRead (FcFontSet * set, FcStrSet *dirs, char *cache_file)
if (current_arch_start < 0) if (current_arch_start < 0)
goto bail1; goto bail1;
while (strlen(FcCacheReadString (fd, subdirName, sizeof (subdirName))) > 0) while ((buf = FcCacheReadString (fd, subdirName, sizeof (subdirName)))
&& *buf)
FcStrSetAdd (dirs, (FcChar8 *)subdirName); FcStrSetAdd (dirs, (FcChar8 *)subdirName);
dir = strdup(name_buf); dir = strdup(name_buf);

View File

@ -143,6 +143,9 @@ scan (FILE *f, char *file)
if (!strncmp (line, "include", 7)) if (!strncmp (line, "include", 7))
{ {
file = strchr (line, ' '); file = strchr (line, ' ');
if (!file)
fatal (line, lineno,
"invalid syntax, expected: include filename");
while (isspace(*file)) while (isspace(*file))
file++; file++;
f = scanopen (file); f = scanopen (file);

View File

@ -168,6 +168,7 @@ FcCharSetPutLeaf (FcCharSet *fcs,
return FcFalse; return FcFalse;
if (fcs->bank != FC_BANK_DYNAMIC) if (fcs->bank != FC_BANK_DYNAMIC)
{ {
/* convert to dynamic */
int i; int i;
leaves = malloc ((fcs->num + 1) * sizeof (FcCharLeaf *)); leaves = malloc ((fcs->num + 1) * sizeof (FcCharLeaf *));
@ -183,6 +184,10 @@ FcCharSetPutLeaf (FcCharSet *fcs,
leaves[i] = FcCharSetGetLeaf(fcs, i); leaves[i] = FcCharSetGetLeaf(fcs, i);
memcpy (numbers, FcCharSetGetNumbers(fcs), memcpy (numbers, FcCharSetGetNumbers(fcs),
fcs->num * sizeof (FcChar16)); fcs->num * sizeof (FcChar16));
fcs->bank = FC_BANK_DYNAMIC;
fcs->u.dyn.leaves = leaves;
fcs->u.dyn.numbers = numbers;
} }
else else
{ {

View File

@ -2744,11 +2744,13 @@ GetScriptTags(FT_Face face, FT_ULong tabletag, FT_ULong **stags, FT_UShort *scri
FT_Stream stream = face->stream; FT_Stream stream = face->stream;
FT_Error error; FT_Error error;
FT_UShort n, p; FT_UShort n, p;
FT_Memory memory = stream->memory; FT_Memory memory;
if ( !stream ) if ( !stream )
return TT_Err_Invalid_Face_Handle; return TT_Err_Invalid_Face_Handle;
memory = stream->memory;
if (( error = ftglue_face_goto_table( face, tabletag, stream ) )) if (( error = ftglue_face_goto_table( face, tabletag, stream ) ))
return error; return error;
@ -2795,7 +2797,7 @@ GetScriptTags(FT_Face face, FT_ULong tabletag, FT_ULong **stags, FT_UShort *scri
cur_offset = ftglue_stream_pos( stream ); cur_offset = ftglue_stream_pos( stream );
if ( ftglue_stream_seek( stream, new_offset ) ) if (( error = ftglue_stream_seek( stream, new_offset ) ))
goto Fail; goto Fail;
if ( error == TT_Err_Ok ) if ( error == TT_Err_Ok )

View File

@ -567,9 +567,15 @@ FcNameUnparseLangSet (FcStrBuf *buf, const FcLangSet *ls)
{ {
if (!first) if (!first)
if (!FcStrBufChar (buf, '|')) if (!FcStrBufChar (buf, '|'))
{
FcStrListDone (list);
return FcFalse; return FcFalse;
}
if (!FcStrBufString (buf, extra)) if (!FcStrBufString (buf, extra))
{
FcStrListDone (list);
return FcFalse; return FcFalse;
}
first = FcFalse; first = FcFalse;
} }
} }

View File

@ -381,19 +381,11 @@ FcObjectUnserialize (FcCache * metadata, void *block_ptr)
int i; int i;
char * bp = (char *)block_ptr; char * bp = (char *)block_ptr;
FcObjectType * bn; FcObjectType * bn;
FcObjectTypeList * bnl;
bn = malloc (sizeof (const FcObjectType) * (new_biggest + 1)); bn = malloc (sizeof (const FcObjectType) * (new_biggest + 1));
if (!bn) if (!bn)
return 0; return 0;
bnl = malloc (sizeof (FcObjectTypeList));
if (!bnl)
{
free (bn);
return 0;
}
for (i = 0; i < new_biggest; i++) for (i = 0; i < new_biggest; i++)
{ {
const FcObjectType * t = FcNameGetObjectType(bp); const FcObjectType * t = FcNameGetObjectType(bp);

View File

@ -399,7 +399,10 @@ FcValueListEntCreate (FcValueListPtr h)
return 0; return 0;
new = malloc (n * sizeof (FcValueList)); new = malloc (n * sizeof (FcValueList));
if (!new) if (!new)
{
free (ea);
return 0; return 0;
}
memset(new, 0, n * sizeof (FcValueList)); memset(new, 0, n * sizeof (FcValueList));
FcMemAlloc (FC_MEM_VALLIST, size); FcMemAlloc (FC_MEM_VALLIST, size);
e = &ea->ent; e = &ea->ent;
@ -575,11 +578,14 @@ FcPatternBaseFreeze (FcPattern *b)
ep = FcPatternCreate(); ep = FcPatternCreate();
if (!ep) if (!ep)
return 0; goto bail;
ent->pattern = ep; ent->pattern = ep;
epp = malloc(b->num * sizeof (FcPatternElt)); epp = malloc(b->num * sizeof (FcPatternElt));
if (!epp) if (!epp)
{
FcPatternDestroy (ep);
goto bail; goto bail;
}
ep->elts = FcPatternEltPtrCreateDynamic(epp); ep->elts = FcPatternEltPtrCreateDynamic(epp);
FcMemAlloc (FC_MEM_PATELT, sizeof (FcPatternElt)*(b->num)); FcMemAlloc (FC_MEM_PATELT, sizeof (FcPatternElt)*(b->num));
@ -650,7 +656,10 @@ FcPatternFreeze (FcPattern *p)
e = malloc(b->num * sizeof (FcPatternElt)); e = malloc(b->num * sizeof (FcPatternElt));
if (!e) if (!e)
{
FcPatternDestroy (b);
return 0; return 0;
}
b->elts = FcPatternEltPtrCreateDynamic(e); b->elts = FcPatternEltPtrCreateDynamic(e);
FcMemAlloc (FC_MEM_PATELT, sizeof (FcPatternElt)*(b->num)); FcMemAlloc (FC_MEM_PATELT, sizeof (FcPatternElt)*(b->num));