Fix memory leak (Coverity defect #2089).

Ignore script if subtable is missing (Coverity defect #2088).
Fix possible null pointer dereference (Coverity defect #784) and memory
    leak (Coverity defects #785, #786).
Don't copy FcCharSet if we're going to throw it away anyway. (Reported by
    Kenichi Handa).
reviewed by: plam
Patrick Lam 2006-04-12 14:36:36 +00:00
parent a56e89ab4f
commit 2f02e38361
5 changed files with 51 additions and 19 deletions


@ -1,3 +1,24 @@
2006-04-12 Frederic Crozat <fcrozat@mandriva.com>
reviewed by: plam
* src/fcpat.c: (FcPatternFreeze):
Fix memory leak (Coverity defect #2089).
* src/fcfreetype.c: (GetScriptTags):
Ignore script if subtable is missing (Coverity defect #2088).
2006-04-12 Patrick Lam <plam@mit.edu>
* src/fccfg.c (FcConfigSubstituteWithPat):
Fix possible null pointer dereference (Coverity defect #784)
and memory leak (Coverity defects #785, #786).
2006-04-12 Patrick Lam <plam@mit.edu>
* src/fcmatch.c (FcSortWalk, FcFontSetSort):
Don't copy FcCharSet if we're going to throw it away anyway.
(Reported by Kenichi Handa).
2006-04-11 Ming Zhao <ming@gentoo.org> 2006-04-11 Ming Zhao <ming@gentoo.org>
reviewed by: plam reviewed by: plam


@ -1512,7 +1512,8 @@ FcConfigSubstituteWithPat (FcConfig *config,
/* /*
* Delete the marked value * Delete the marked value
*/ */
FcConfigDel (&st[i].elt->values, thisValue); if (thisValue)
FcConfigDel (&st[i].elt->values, thisValue);
/* /*
* Adjust any pointers into the value list to ensure * Adjust any pointers into the value list to ensure
* future edits occur at the same place * future edits occur at the same place
@ -1567,6 +1568,7 @@ FcConfigSubstituteWithPat (FcConfig *config,
FcConfigPatternAdd (p, e->field, l, FcTrue); FcConfigPatternAdd (p, e->field, l, FcTrue);
break; break;
default: default:
FcValueListDestroy (FcValueListPtrCreateDynamic(l));
break; break;
} }
} }
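Review bot: The new `default:` branch releases `l` without saying why this branch owns the list while the branches above it do not, so the next op added to the switch can reintroduce the leak. A one-line comment on that branch, such as `/* no op above took ownership of l; free it here */`, would record the rule. Whether `FcConfigPatternAdd` frees `l` when it fails is not visible in this hunk and is worth confirming, because that path would leak in the same way. In the first hunk the `if (thisValue)` guard covers only `FcConfigDel`; the pointer-adjustment code announced by the following comment lies outside the hunk, as does the rest of FcConfigSubstituteWithPat.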


@ -2797,13 +2797,10 @@ GetScriptTags(FT_Face face, FT_ULong tabletag, FT_ULong **stags, FT_UShort *scri
cur_offset = ftglue_stream_pos( stream ); cur_offset = ftglue_stream_pos( stream );
if (( error = ftglue_stream_seek( stream, new_offset ) )) error = ftglue_stream_seek( stream, new_offset );
goto Fail;
if ( error == TT_Err_Ok ) if ( error == TT_Err_Ok )
p++; p++;
else if ( error != TTO_Err_Empty_Script )
goto Fail;
(void)ftglue_stream_seek( stream, cur_offset ); (void)ftglue_stream_seek( stream, cur_offset );
} }
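Review bot: Every failure of `ftglue_stream_seek( stream, new_offset )` is now treated as a missing subtable, so an I/O error, or presumably an offset that a malformed font places outside the stream, is skipped silently, and `error` keeps its non-zero value into the next iteration and past the loop. If the code after the loop (outside this hunk) returns or tests `error`, the last script record alone decides the result; resetting it where the script is skipped, `else error = TT_Err_Ok; /* subtable missing: ignore this script */`, makes the intent explicit. The restoring seek is still cast to `(void)`, so a failure there leaves the stream at the wrong position for the next record; `if (( error = ftglue_stream_seek( stream, cur_offset ) )) goto Fail;` would catch it.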


@ -791,7 +791,7 @@ FcSortCompare (const void *aa, const void *ab)
} }
static FcBool static FcBool
FcSortWalk (FcSortNode **n, int nnode, FcFontSet *fs, FcCharSet **cs, FcBool trim) FcSortWalk (FcSortNode **n, int nnode, FcFontSet *fs, FcCharSet **cs, FcBool trim, FcBool build_cs)
{ {
FcCharSet *ncs; FcCharSet *ncs;
FcSortNode *node; FcSortNode *node;
@ -808,16 +808,20 @@ FcSortWalk (FcSortNode **n, int nnode, FcFontSet *fs, FcCharSet **cs, FcBool tri
*/ */
if (!trim || !*cs || !FcCharSetIsSubset (ncs, *cs)) if (!trim || !*cs || !FcCharSetIsSubset (ncs, *cs))
{ {
if (*cs) if (!trim && build_cs)
{ {
ncs = FcCharSetUnion (ncs, *cs); if (*cs)
if (!ncs) {
return FcFalse; ncs = FcCharSetUnion (ncs, *cs);
FcCharSetDestroy (*cs); if (!ncs)
} return FcFalse;
else FcCharSetDestroy (*cs);
ncs = FcCharSetCopy (ncs); }
*cs = ncs; else
ncs = FcCharSetCopy (ncs);
*cs = ncs;
}
FcPatternReference (node->pattern); FcPatternReference (node->pattern);
if (FcDebug () & FC_DBG_MATCH) if (FcDebug () & FC_DBG_MATCH)
{ {
@ -986,13 +990,16 @@ FcFontSetSort (FcConfig *config,
cs = 0; cs = 0;
if (!FcSortWalk (nodeps, nnodes, ret, &cs, trim)) if (!FcSortWalk (nodeps, nnodes, ret, &cs, trim, (csp!=0)))
goto bail2; goto bail2;
if (csp) if (csp)
*csp = cs; *csp = cs;
else else
FcCharSetDestroy (cs); {
if (cs)
FcCharSetDestroy (cs);
}
free (nodes); free (nodes);
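Review bot: With `if (!trim && build_cs)` the accumulated charset is never updated when `trim` is true, so in the visible lines `*cs` stays at the `cs = 0` set in FcFontSetSort, `!*cs` holds for every node, and the `FcCharSetIsSubset` test that does the trimming is never reached. The guard should build the union whenever it is needed for trimming or for the caller: `if (trim || build_cs)`. As written, a caller that passes both `trim` and a non-null `csp` also appears to get a null charset back through `*csp = cs`. Both function bodies continue outside the hunks, so confirm that no other assignment to `*cs` exists before relying on this reading.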


@ -639,7 +639,7 @@ FcPatternBaseThawAll (void)
FcPattern * FcPattern *
FcPatternFreeze (FcPattern *p) FcPatternFreeze (FcPattern *p)
{ {
FcPattern *b, *n = 0; FcPattern *b, *n = 0, *freeme = 0;
FcPatternElt *e; FcPatternElt *e;
int i; int i;
@ -673,7 +673,10 @@ FcPatternFreeze (FcPattern *p)
(FcPatternEltU(b->elts)+i)->values = (FcPatternEltU(b->elts)+i)->values =
FcValueListFreeze((FcPatternEltU(p->elts)+i)->values); FcValueListFreeze((FcPatternEltU(p->elts)+i)->values);
if (!FcValueListPtrU((FcPatternEltU(p->elts)+i)->values)) if (!FcValueListPtrU((FcPatternEltU(p->elts)+i)->values))
{
freeme = b;
goto bail; goto bail;
}
} }
if (FcPatternFindElt (p, FC_FILE)) if (FcPatternFindElt (p, FC_FILE))
@ -695,6 +698,8 @@ FcPatternFreeze (FcPattern *p)
b->elts = FcPatternEltPtrCreateDynamic(0); b->elts = FcPatternEltPtrCreateDynamic(0);
FcMemFree (FC_MEM_PATELT, sizeof (FcPatternElt)*(b->num)); FcMemFree (FC_MEM_PATELT, sizeof (FcPatternElt)*(b->num));
b->num = -1; b->num = -1;
if (freeme)
FcPatternDestroy (freeme);
#ifdef DEBUG #ifdef DEBUG
assert (FcPatternEqual (n, p)); assert (FcPatternEqual (n, p));
#endif #endif
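Review bot: On the new failure path `n` is still 0 when control reaches the cleanup lines in the last hunk (presumably under the `bail` label, which is outside it), so a DEBUG build goes straight from `FcPatternDestroy (freeme)` to `assert (FcPatternEqual (n, p))` with a null `n`. Guarding the assertion, `assert (!n || FcPatternEqual (n, p));`, keeps the allocation-failure path from aborting or dereferencing null. Separately, the check that triggers the path reads `(FcPatternEltU(p->elts)+i)->values`, the source list, rather than the value just stored in `b->elts` by `FcValueListFreeze`; if the intent is to detect a failed freeze, the test likely belongs on `b->elts`, which is worth confirming against `FcValueListFreeze`. `freeme` only ever holds `b`, so a comment saying it marks "destroy b on failure" would make its purpose clear.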