Fix a problem in FcConfigSubstitute

We were using the family names from the pattern without
copying, and this was leading to a valgrind warning:
==53167== Invalid read of size 1
==53167==    at 0x58B0238: FcStrCaseWalkerNextNonBlank (fcstr.c:198)
==53167==    by 0x58B0238: FcStrCaseWalkerNextNonBlank (fcstr.c:186)
==53167==    by 0x58B02C7: FcStrCmpIgnoreBlanksAndCase (fcstr.c:281)
==53167==    by 0x58A4D44: FcHashTableFind (fchash.c:109)
==53167==    by 0x5895E76: FamilyTableAdd (fccfg.c:1634)
==53167==    by 0x589646A: FcConfigAdd.isra.0 (fccfg.c:1823)
==53167==    by 0x58988CF: IA__FcConfigSubstituteWithPat.part.0 (fccfg.c:2228)
==53167==    by 0x55F4F1A: pango_cairo_fc_font_map_fontset_key_substitute (pangocairo-fcfontmap.c:106)
==53167==    by 0x5B88AF6: pango_fc_default_substitute (pangofc-fontmap.c:1795)
==53167==    by 0x5B88D15: pango_fc_font_map_get_patterns (pangofc-fontmap.c:1850)
==53167==    by 0x5B88FC7: pango_fc_font_map_load_fontset (pangofc-fontmap.c:1952)
==53167==    by 0x5623627: pango_font_map_load_fontset (pango-fontmap.c:161)
==53167==    by 0x5621743: pango_context_get_metrics (pango-context.c:1782)
==53167==  Address 0x150d3450 is 0 bytes inside a block of size 10 free'd
==53167==    at 0x483B9F5: free (vg_replace_malloc.c:538)
==53167==    by 0x58ABE70: FcValueListDestroy (fcpat.c:147)
==53167==    by 0x5898A08: IA__FcConfigSubstituteWithPat.part.0 (fccfg.c:2203)
==53167==    by 0x55F4F1A: pango_cairo_fc_font_map_fontset_key_substitute (pangocairo-fcfontmap.c:106)
==53167==    by 0x5B88AF6: pango_fc_default_substitute (pangofc-fontmap.c:1795)
==53167==    by 0x5B88D15: pango_fc_font_map_get_patterns (pangofc-fontmap.c:1850)
==53167==    by 0x5B88FC7: pango_fc_font_map_load_fontset (pangofc-fontmap.c:1952)
==53167==    by 0x5623627: pango_font_map_load_fontset (pango-fontmap.c:161)
==53167==    by 0x5621743: pango_context_get_metrics (pango-context.c:1782)

Use copies of the strings as keys in the hash table to avoid this.
Matthias Clasen 2020-08-30 12:03:04 -04:00
parent 9c1946d330
commit e735abcfe1
1 changed files with 11 additions and 4 deletions


@ -1662,6 +1662,13 @@ FamilyTableDel (FamilyTable *table,
} }
} }
static FcBool
copy_string (const void *src, void **dest)
{
*dest = strdup ((char *)src);
return FcTrue;
}
static void static void
FamilyTableInit (FamilyTable *table, FamilyTableInit (FamilyTable *table,
FcPattern *p) FcPattern *p)
@ -1670,15 +1677,15 @@ FamilyTableInit (FamilyTable *table,
table->family_blank_hash = FcHashTableCreate ((FcHashFunc)FcStrHashIgnoreBlanksAndCase, table->family_blank_hash = FcHashTableCreate ((FcHashFunc)FcStrHashIgnoreBlanksAndCase,
(FcCompareFunc)FcStrCmpIgnoreBlanksAndCase, (FcCompareFunc)FcStrCmpIgnoreBlanksAndCase,
(FcCopyFunc)copy_string,
NULL, NULL,
NULL, free,
NULL,
free); free);
table->family_hash = FcHashTableCreate ((FcHashFunc)FcStrHashIgnoreCase, table->family_hash = FcHashTableCreate ((FcHashFunc)FcStrHashIgnoreCase,
(FcCompareFunc)FcStrCmpIgnoreCase, (FcCompareFunc)FcStrCmpIgnoreCase,
(FcCopyFunc)copy_string,
NULL, NULL,
NULL, free,
NULL,
free); free);
e = FcPatternObjectFindElt (p, FC_FAMILY_OBJECT); e = FcPatternObjectFindElt (p, FC_FAMILY_OBJECT);
if (e) if (e)
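Review bot: `copy_string` in the first hunk returns `FcTrue` even when `strdup` fails, so an out-of-memory condition leaves `*dest` NULL while reporting success. Whether the hash table code checks the copy function's result is not visible on this page, but a NULL key stored there would later reach the `FcStrHashIgnoreBlanksAndCase` / `FcStrCmpIgnoreBlanksAndCase` callbacks, which presumably dereference it. I would write the body as `*dest = strdup ((const char *)src);` followed by `return *dest != NULL;`, which also stops the cast from dropping the `const` qualifier. A one-line comment above `copy_string` would help too, for example `/* Keys are copied because the pattern's value list can be freed during substitution. */`, since the use-after-free from the commit message is the only reason the copy exists. `FamilyTableInit` continues past the end of the second hunk, so the insertion path that would have to handle a failed copy is not shown here.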