Fix a dereference of a null pointer

When exiting from for loop by not satisfying the condition of `(s = next[i])` at FcCacheRemoveUnlocked()
referring s->alloated will be invalid.
This commit is contained in:
Akira TAGOH 2018-11-30 10:42:26 +00:00
parent 3a45b8ef65
commit b047e29954
1 changed files with 10 additions and 7 deletions

View File

@ -710,6 +710,8 @@ FcCacheRemoveUnlocked (FcCache *cache)
while (fcCacheMaxLevel > 0 && fcCacheChains[fcCacheMaxLevel - 1] == NULL) while (fcCacheMaxLevel > 0 && fcCacheChains[fcCacheMaxLevel - 1] == NULL)
fcCacheMaxLevel--; fcCacheMaxLevel--;
if (s)
{
allocated = s->allocated; allocated = s->allocated;
while (allocated) while (allocated)
{ {
@ -719,6 +721,7 @@ FcCacheRemoveUnlocked (FcCache *cache)
allocated = next; allocated = next;
} }
free (s); free (s);
}
} }
static FcCache * static FcCache *