[Fontconfig] Code review needed ,spotted by Coverity

[Frederic Crozat]

Le mercredi 12 avril 2006 à 01:44 -0400, Patrick Lam a écrit :
> Frederic Crozat wrote:

> > -defect #759 in fccharset.c / FcCharSetSubtractCount :
> > *bm might be NULL because of assignment to bi.leaf->map and then it is
> > accessed without any NULL test. I don't know if bi.leaf->map is never
> > NULL.
> 
> I don't understand this code yet.  The problem is not that ->map is 
> NULL, but that bi might be NULL.  ->map can't be null, it's a 
> FcChar32[256/32].

Well, I didn't understand it either. But you are right about the
incorrect access, the defect is about bi being NULL.

> > -defects #783, #784, #785, #786 : 
> > * if config->maxObjects == 0, but config->substPattern or
> > config->substFont are not NULL, st, while NULL, will be accessed
> > * at line 1497, there is a test against thisValue being NULL (so, it
> > might be NULL), but FcConfigDel called at line 1506 might deferences
> > thisValue, causing a crash.
> > * at line 1463, l might be leaked if switch (e->op) is handled by
> > default case). I don't know if it is possible.
> 
> Can you give more details on these defects?

Here are the url for the defects, they seems to work, I don't know for
how long. Otherwise, I'll copy the defect page elsewhere.

http://scan.coverity.com:7468/view-error.cgi?id=7529&runid=19&user=fcrozat&magic=636dfd390b4c5cc1f308d2841e3a3c5e&prevpage=query-run-table.cgi%3Ffile%3Dfontconfig%26magic%3D636dfd390b4c5cc1f308d2841e3a3c5e%26prevpage%3D%252Findex.cgi%253Fmagic%253D636dfd390b4c5cc1f308d2841e3a3c5e%2526user%253Dfcrozat%26runid%3D19%26user%3Dfcrozat&prevpagename=Search%20Results

http://scan.coverity.com:7468/view-error.cgi?id=10169&runid=21&user=fcrozat&magic=636dfd390b4c5cc1f308d2841e3a3c5e&prevpage=query-run-table.cgi%3Ffile%3Dfontconfig%26magic%3D636dfd390b4c5cc1f308d2841e3a3c5e%26prevpage%3D%252Findex.cgi%253Fmagic%253D636dfd390b4c5cc1f308d2841e3a3c5e%2526user%253Dfcrozat%26runid%3D21%26user%3Dfcrozat&prevpagename=Search%20Results

http://scan.coverity.com:7468/view-error.cgi?id=10470&runid=21&user=fcrozat&magic=636dfd390b4c5cc1f308d2841e3a3c5e&prevpage=query-run-table.cgi%3Ffile%3Dfontconfig%26magic%3D636dfd390b4c5cc1f308d2841e3a3c5e%26prevpage%3D%252Findex.cgi%253Fmagic%253D636dfd390b4c5cc1f308d2841e3a3c5e%2526user%253Dfcrozat%26runid%3D21%26user%3Dfcrozat&prevpagename=Search%20Results

http://scan.coverity.com:7468/view-error.cgi?id=10469&runid=21&user=fcrozat&magic=636dfd390b4c5cc1f308d2841e3a3c5e&prevpage=query-run-table.cgi%3Ffile%3Dfontconfig%26magic%3D636dfd390b4c5cc1f308d2841e3a3c5e%26prevpage%3D%252Findex.cgi%253Fmagic%253D636dfd390b4c5cc1f308d2841e3a3c5e%2526user%253Dfcrozat%26runid%3D21%26user%3Dfcrozat&prevpagename=Search%20Results


Also, Coverity updated their databases with yesterday fixes.

There are two new defects for some cases which were not completely fixed
with yesterday patches.

First one is in fcfreetype.c, some deadcode was still there. Based on
bedhad comment ("if you ask me, you should remove both goto Fail's in
that loop. it's trying to list scripts supported by the font, and if one
of the subtables is missing, we can simply ignore that script, instead
of failing the entire operation), I've cooked one patch which remove two
of the goto to fix defect #2088.

The other defect is a memory leak in FcPatternFreeze (fcpat.c) in error
case (defect #2089).

-- 
Frederic Crozat <fcrozat at mandriva.com>
Mandriva
-------------- next part --------------
A non-text attachment was scrubbed...
Name: fontconfig-2.3.94-fcfreetypefixes2.patch
Type: text/x-patch
Size: 1259 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/fontconfig/attachments/20060412/52421c5e/fontconfig-2.3.94-fcfreetypefixes2.bin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: fontconfig-2.3.94-fcpatmemleak.patch
Type: text/x-patch
Size: 1519 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/fontconfig/attachments/20060412/52421c5e/fontconfig-2.3.94-fcpatmemleak.bin