[cairo] More coverity issues

Behdad Esfahbod behdad at cs.toronto.edu
Fri Apr 28 12:15:52 PDT 2006


Hi,

Going over the coverity issues for cairo-1.0.4, reported in
GNOME's build, I found these two worth looking into:

1)

CID: 1228
Checker: RESOURCE_LEAK (help)
File: cairo-1.0.4/src/cairo-xlib-surface.c
Function: _xlib_glyphset_cache_create_entry
Description: Returned without freeing storage "entry"


"entry" is allocated:

2045 	    entry = malloc (sizeof (glyphset_cache_entry_t));
2046 	    _cairo_lock_global_image_glyph_cache ();
2047 	    im_cache = _cairo_get_global_image_glyph_cache ();

and freed on some error paths bailing out but not these two:

2135 		    new = malloc (c);
2136 		    if (!new)
2137 			return CAIRO_STATUS_NO_MEMORY;

and

2163 		    new = malloc (c);
2164 		    if (!new)
2165 			return CAIRO_STATUS_NO_MEMORY;


==================

2)

CID: 1225
Checker: FORWARD_NULL (help)
File: cairo-1.0.4/src/cairo-gstate.c
Function: _cairo_gstate_clone
Description: Variable "clone" tracked as NULL was dereferenced.

Obviously:

222  	    if (clone) {
223  		status = _cairo_gstate_init_copy (clone, gstate);
224  		if (status) {
225  		    free (clone);
226  		    return NULL;
227  		}
228  	    }
229  	    clone->next = NULL;
230
231  	    return clone;
232  	}


==================

There are a few more, mostly about unreachable code in pixman,
but I think they can be ignored; given all the preprocessor hacks
in pixman, that's probably expected.


--behdad
http://behdad.org/

"Commandment Three says Do Not Kill, Amendment Two says Blood Will Spill"
	-- Dan Bern, "New American Language"
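
The two defect shapes reported above, in corrected form, as an added example that is not part of the original message and is not cairo code. The types, the fault-injecting allocator and the names gstate_clone and create_entry are hypothetical stand-ins, used so the failure paths can be exercised without running out of memory for real.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins for illustration; these are not cairo's types. */
typedef struct gstate { int value; struct gstate *next; } gstate_t;
typedef struct { unsigned char *data; } entry_t;
enum { STATUS_SUCCESS = 0, STATUS_NO_MEMORY = 1 };

/* Fault-injecting allocator: call number fail_on_call returns NULL. */
static int alloc_calls, fail_on_call, live_blocks;
static void reset_allocator(int fail_on) { alloc_calls = 0; live_blocks = 0; fail_on_call = fail_on; }
static void *test_malloc(size_t n) {
    void *p = (++alloc_calls == fail_on_call) ? NULL : malloc(n);
    if (p) live_blocks++;
    return p;
}
static void test_free(void *p) { if (p) { live_blocks--; free(p); } }

/* FORWARD_NULL shape, corrected: return before clone is ever dereferenced. */
gstate_t *gstate_clone(const gstate_t *src) {
    gstate_t *clone = test_malloc(sizeof *clone);
    if (clone == NULL) return NULL;
    clone->value = src->value;
    clone->next = NULL;
    return clone;
}

/* RESOURCE_LEAK shape, corrected: failures after entry exists exit via one label that frees it. */
int create_entry(size_t c, entry_t **out) {
    entry_t *entry = test_malloc(sizeof *entry);
    if (entry == NULL) return STATUS_NO_MEMORY;
    entry->data = test_malloc(c);
    if (entry->data == NULL)
        goto fail;
    memset(entry->data, 0, c);
    *out = entry;
    return STATUS_SUCCESS;
fail:
    test_free(entry);
    return STATUS_NO_MEMORY;
}

int main(void) {
    entry_t *e = NULL;
    reset_allocator(2);              /* constructed fault: second allocation fails */
    int status = create_entry(16, &e);
    printf("status=%d live_blocks=%d\n", status, live_blocks);
}
```

Counting live blocks after each injected failure is the same check the RESOURCE_LEAK checker performs statically: a nonzero count on an error return means a path skipped the free.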

