[Fontconfig] Code review needed, spotted by Coverity
Patrick Lam
plam at MIT.EDU
Tue Apr 11 22:44:34 PDT 2006
Frederic Crozat wrote:
> -defect #984 in fcdir.c / FcDirScanConfig :
> FcGlobalCacheReadDir might be called with config == NULL, which will call
> FcConfigInodeMatchFontDir which dereferences config without checking for
> NULL value. I'm not sure how to fix this.
I've fixed this by not normalizing the dir name if we have a NULL
config. This means that it won't necessarily find a cache that it
should, but that's just unfortunate, not critical.
> -defect #759 in fccharset.c / FcCharSetSubtractCount :
> *bm might be NULL because of assignment to bi.leaf->map and then it is
> accessed without any NULL test. I don't know if bi.leaf->map is never
> NULL.
I don't understand this code yet. The problem is not that ->map is
NULL, but that bi might be NULL. ->map can't be null, it's a
FcChar32[256/32].
> -defects #783, #784, #785, #786 :
> * if config->maxObjects == 0, but config->substPattern or
> config->substFont are not NULL, st, while NULL, will be accessed
> * at line 1497, there is a test against thisValue being NULL (so, it
> might be NULL), but FcConfigDel called at line 1506 might dereference
> thisValue, causing a crash.
> * at line 1463, l might be leaked (if switch (e->op) is handled by
> default case). I don't know if it is possible.
Can you give more details on these defects?
> There are two other memleaks in doc/edit-sgml.c but I don't know if it
> is worth trying to fix (defects #744, #745, leaking ss and ls in
> DoReplace).
Not worth it. edit-sgml is only run in the build process.
> But now, we are done ;)
Good, good.
pat