[Fontconfig] realloc error in FcObjectToPtrLookup and proposed patch
Patrick Lam
plam at MIT.EDU
Tue Apr 11 20:03:37 PDT 2006
Ming Zhao wrote:
> Hello,
>
> I got a realloc error when running gnome-terminal with fontconfig-2.3.94:
> *** glibc detected *** realloc(): invalid next size: 0x00000000005da780***
>
> I did some debugging and found the implementation of FcObjectToPtrLookup
> didn't check user_obj_alloc against l->ntypes properly, which caused
> the tail of _FcUserObjectNames being modified unexpectedly. I think
> "user_obj_alloc < l->ntypes" in fcname.c:222 should be changed to "<=".
>
> Also, we can't assume that the newly allocated pointer by realloc is the same
> as the older one, so we can't use "l->types == _FcUserObjectNames" after
> realloc.
>
> Attached is the proposed patch, hoping it would be useful.
Thanks. I almost forgot about this patch, since I was travelling at the
time. I've committed a minor variation on it.
pat
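
Added example, not part of the original thread and not fontconfig's code: a minimal growable table showing the two points raised in the report, the `<=` capacity test and deciding pointer aliasing before calling `realloc`. All names here (`ObjType`, `ObjList`, `user_names`, `user_alloc`, `user_count`, `add_user_object`) are hypothetical stand-ins.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-ins, not fontconfig's own types. */
typedef struct { const char *name; int id; } ObjType;
typedef struct { ObjType *types; int ntypes; } ObjList;

static ObjType *user_names;   /* growable heap buffer */
static int      user_alloc;   /* capacity of user_names, in elements */
static int      user_count;   /* elements currently in use */

/* Append one entry; returns its index, or -1 on allocation failure.
   `view` is a list node that may or may not point at user_names. */
int add_user_object(ObjList *view, const char *name)
{
    /* The buffer is full when capacity == count, so the test must be <=.
       With < the write below lands one element past the allocation and
       corrupts the allocator's metadata for the next chunk. */
    if (user_alloc <= user_count) {
        int nt = user_alloc + 4;
        /* Decide aliasing BEFORE realloc: afterwards the old pointer
           value is stale and must not be compared against. */
        int aliased = (view->types == user_names);
        ObjType *t = realloc(user_names, (size_t)nt * sizeof *t);
        if (!t)
            return -1;        /* old buffer is untouched and still valid */
        user_names = t;
        user_alloc = nt;
        if (aliased)
            view->types = t;  /* refresh the alias from realloc's result */
    }
    user_names[user_count].name = name;
    user_names[user_count].id = user_count;
    if (view->types == user_names)
        view->ntypes = user_count + 1;
    return user_count++;
}

int main(void)
{
    ObjList l = { NULL, 0 };  /* constructed sample: view aliases the buffer */
    for (int i = 0; i < 9; i++)
        add_user_object(&l, "sample");
    printf("count=%d alloc=%d aliased=%d\n",
           l.ntypes, user_alloc, l.types == user_names);
    free(user_names);
    return 0;
}
```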