[cairo-commit] 2 commits - src/cairo-truetype-subset.c
GitLab Mirror
gitlab-mirror at kemper.freedesktop.org
Wed Mar 10 16:57:09 UTC 2021
src/cairo-truetype-subset.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
New commits:
commit f604b4ba9250d584fcd0cc7cf1cf1e58ab692be7
Merge: b718dae71 2af4412aa
Author: Tim-Philipp Müller <tim at centricular.com>
Date: Wed Mar 10 16:57:08 2021 +0000
Merge branch 'gyf-table-leak' into 'master'
Fix a leak in an error path
See merge request cairo/cairo!144
commit 2af4412aa3702c88da21c1265d9342a46190e078
Author: Uli Schlachter <psychon at znc.in>
Date: Tue Mar 9 11:14:09 2021 +0100
Fix a leak in an error path
Tested with valgrind. Before this patch, I got the following "definitely
lost" entry, which is gone afterwards:
94,416 bytes in 1 blocks are definitely lost in loss record 427 of 427
at 0x483877F: malloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
by 0x4B053F8: cairo_truetype_font_write_glyf_table (cairo-truetype-subset.c:625)
by 0x4B06219: cairo_truetype_font_generate (cairo-truetype-subset.c:991)
by 0x4B06917: cairo_truetype_subset_init_internal (cairo-truetype-subset.c:1159)
by 0x4B06D72: _cairo_truetype_subset_init_pdf (cairo-truetype-subset.c:1255)
by 0x4B6B113: _cairo_pdf_surface_emit_truetype_font_subset (cairo-pdf-surface.c:5892)
by 0x4B6C2AD: _cairo_pdf_surface_emit_unscaled_font_subset (cairo-pdf-surface.c:6366)
by 0x4B02FC7: _cairo_sub_font_collect (cairo-scaled-font-subsets.c:741)
by 0x4B03A7A: _cairo_scaled_font_subsets_foreach_internal (cairo-scaled-font-subsets.c:1062)
by 0x4B03B21: _cairo_scaled_font_subsets_foreach_unscaled (cairo-scaled-font-subsets.c:1090)
by 0x4B6C3ED: _cairo_pdf_surface_emit_font_subsets (cairo-pdf-surface.c:6412)
by 0x4B62B1A: _cairo_pdf_surface_finish (cairo-pdf-surface.c:2222)
To reproduce, run the test case from the below link.
Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28023
Signed-off-by: Uli Schlachter <psychon at znc.in>
diff --git a/src/cairo-truetype-subset.c b/src/cairo-truetype-subset.c
index 7f0445df4..f5f06defc 100644
--- a/src/cairo-truetype-subset.c
+++ b/src/cairo-truetype-subset.c
@@ -628,8 +628,10 @@ cairo_truetype_font_write_glyf_table (cairo_truetype_font_t *font,
status = font->backend->load_truetype_table (font->scaled_font_subset->scaled_font,
TT_TAG_loca, 0, u.bytes, &size);
- if (unlikely (status))
+ if (unlikely (status)) {
+ free (u.bytes);
return _cairo_truetype_font_set_error (font, status);
+ }
start_offset = _cairo_array_num_elements (&font->output);
for (i = 0; i < font->num_glyphs; i++) {
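Review bot: The added `free (u.bytes);` in the `if (unlikely (status))` block releases the buffer on this one return only, so any later error return in cairo_truetype_font_write_glyf_table, for example one inside the `for (i = 0; i < font->num_glyphs; i++)` loop that follows, would have to repeat the free by hand. The rest of the function is not visible in this hunk, so those paths are worth checking, and a single cleanup label that frees u.bytes before calling _cairo_truetype_font_set_error would keep a future early return from reintroducing the leak. The diffstat shows only src/cairo-truetype-subset.c changed, so the oss-fuzz reproducer referenced in the commit message is not added as a regression test; including it would keep this error path covered.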