[cairo-commit] src/cairo-win32-font.c
Carl Worth
cworth at kemper.freedesktop.org
Thu Apr 5 14:44:20 PDT 2007
src/cairo-win32-font.c | 4 +---
1 files changed, 1 insertion(+), 3 deletions(-)
New commits:
diff-tree 106f8590457a7ebb5335d67f16277e8d5a6b04a8 (from 5c24711ee65cdb8ac0fdb7419e6466e2b7cb7d9e)
Author: Carl Worth <cworth at cworth.org>
Date: Wed Apr 4 15:59:50 2007 -0700
Move misplaced CLEANUP_FONT label to avoid crash.
Previously, a failure in _cairo_win32_scaled_font_init_glyph_path leading
to the CLEANUP_FONT label would set the path into the glyph, then destroy
the path, and return an error status, (which in turn would cause a double
free when the glyph was destroyed).
The double-free apparently leads to a crash in some cases, as described
here:
SVG/Cairo related crash when opening specific webpage
https://bugzilla.mozilla.org/show_bug.cgi?id=376498
This should eliminate the double-free, but does not address the original
error case, (attempting to get a path from a bitmap font?).
diff --git a/src/cairo-win32-font.c b/src/cairo-win32-font.c
index c38e1a5..82e3bfc 100644
--- a/src/cairo-win32-font.c
+++ b/src/cairo-win32-font.c
@@ -1451,16 +1451,14 @@ _cairo_win32_scaled_font_init_glyph_path
}
free(buffer);
-CLEANUP_FONT:
-
_cairo_scaled_glyph_set_path (scaled_glyph,
&scaled_font->base,
path);
+ CLEANUP_FONT:
cairo_win32_scaled_font_done_font (&scaled_font->base);
CLEANUP_PATH:
-
if (status != CAIRO_STATUS_SUCCESS)
_cairo_path_fixed_destroy (path);
More information about the cairo-commit
mailing list