[HarfBuzz] hb_blob_try_writable leaks memory?

Jonathan Kew jonathan at jfkew.plus.com
Sat Mar 20 04:52:59 PDT 2010


On 19 Mar 2010, at 13:30, Jonathan Kew wrote:

> Hi Behdad,
> 
> It looks to me like hb_blob_try_writable() will cause a memory leak if it copies read-only data into a newly allocated block in order to make it writable; I don't see how the block that is malloced in this function would ever be freed.
> 
> One way to handle this would presumably be with a private destroy function that is set on the blob when this reallocation takes place; or do you have an alternative suggestion?

If I'm understanding this correctly, I think it should be sufficient to just set free() as the destroy function:

diff --git a/src/hb-blob.c b/src/hb-blob.c
--- a/src/hb-blob.c
+++ b/src/hb-blob.c
@@ -364,16 +364,18 @@ hb_blob_try_writable (hb_blob_t *blob)
     if (new_data) {
 #if HB_DEBUG_BLOB
       fprintf (stderr, "%p %s: dupped successfully -> %p\n", blob, __FUNCTION__, blob->data);
 #endif
       memcpy (new_data, blob->data, blob->length);
       blob->data = new_data;
       blob->mode = HB_MEMORY_MODE_WRITABLE;
       _hb_blob_destroy_user_data (blob);
+      blob->destroy = free;
+      blob->user_data = new_data;
     }
   }
   else if (blob->mode == HB_MEMORY_MODE_READONLY_MAY_MAKE_WRITABLE)
     _try_writable_inplace_locked (blob);
 
 done:
   mode = blob->mode;
 
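Review bot: The two added assignments after `_hb_blob_destroy_user_data (blob);` are only correct in that position, and nothing in the hunk says so. If they were ever moved above that call, the previous owner's destroy callback would be replaced before it runs and `free` would be applied to `new_data` immediately, leaving `blob->data` dangling. A one-line comment stating that the old user data must be released first, and that the blob now owns the copy, would protect against that reordering. Setting `blob->destroy = free` also assumes `new_data` comes from `malloc` (the allocation is above the visible context), so please confirm the allocator matches. Separately, in the unchanged debug line the `-> %p` argument is `blob->data`, which at that point is still the old pointer; passing `new_data` would make the message match what it claims to print.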



