[Fontconfig] Code review needed ,spotted by Coverity

Patrick Lam plam at MIT.EDU
Tue Apr 11 22:44:34 PDT 2006

Frederic Crozat wrote:

> -defect #984 in fcdir.c / FcDirScanConfig :
> FcGlobalCacheReadDir might be call with config == NULL, which will call
> FcConfigInodeMatchFontDir which deferences config without checking for
> NULL value. I'm not sure how to fix this.

I've fixed this by not normalizing the dir name if we have a NULL 
config.  This means that it won't necessarily find a cache that it 
should, but that's just unfortunate, not critical.

> -defect #759 in fccharset.c / FcCharSetSubtractCount :
> *bm might be NULL because of assignment to bi.leaf->map and then it is
> accessed without any NULL test. I don't know if bi.leaf->map is never

I don't understand this code yet.  The problem is not that ->map is 
NULL, but that bi might be NULL.  ->map can't be null, it's a 

> -defects #783, #784, #785, #786 : 
> * if config->maxObjects == 0, but config->substPattern or
> config->substFont are not NULL, st, while NULL, will be accessed
> * at line 1497, there is a test against thisValue being NULL (so, it
> might be NULL), but FcConfigDel called at line 1506 might deferences
> thisValue, causing a crash.
> * at line 1463, l might be leaked if switch (e->op) is handled by
> default case). I don't know if it is possible.

Can you give more details on these defects?

> There are two other memleaks in doc/edit-sgml.c but I don't know if it
> is worth trying to fix (defects #744, #745, leaking ss and ls in
> DoReplace).

Not worth it.  edit-sgml is only run in the build process.

> But now, we are done ;)

Good, good.


More information about the Fontconfig mailing list