[cairo-commit] 2 commits - util/cairo-script

[Chris Wilson]

 util/cairo-script/cairo-script-operators.c |   14 ++++++++++----
 util/cairo-script/cairo-script-scanner.c   |    3 ++-
 2 files changed, 12 insertions(+), 5 deletions(-)

New commits:
commit 81c4594712843abca188a33c1edfb70fa6c5a0d9
Author: Chris Wilson <chris at chris-wilson.co.uk>
Date:   Thu Aug 6 23:41:11 2009 +0100

    [script] Ensure strings are nul terminated
    
    Infrequently, but, for example, handling glyph strings, we require the
    string to be nul terminated. (Otherwise an error occurs, which was
    previously compounded by a drastic leak.)

diff --git a/util/cairo-script/cairo-script-scanner.c b/util/cairo-script/cairo-script-scanner.c
index fb2ce9a..adb6138 100644
--- a/util/cairo-script/cairo-script-scanner.c
+++ b/util/cairo-script/cairo-script-scanner.c
@@ -683,11 +683,12 @@ string_read (csi_t *ctx, csi_scanner_t *scan, csi_file_t *src, int len, csi_obje
 {
     csi_status_t status;
 
-    status = csi_string_new (ctx, obj, NULL, len);
+    status = csi_string_new (ctx, obj, NULL, len + 1);
     if (_csi_unlikely (status))
 	longjmp (scan->jmpbuf, status);
 
     scan_read (scan, src, obj->datum.string->string, len);
+    obj->datum.string->string[len] = '\0';
 }
 
 #if WORDS_BIGENDIAN
commit 86d6a489527d125e739aa5a6d17893bb44977010
Author: Chris Wilson <chris at chris-wilson.co.uk>
Date:   Thu Aug 6 23:39:21 2009 +0100

    [script] Check for failure to store the glyph cache
    
    If we fail to add the glyph cache (presumably because the font is in
    error) do not leak the allocation. As this occurs for every single glyph
    string, the leak can grow very quickly and mask the original bug.

diff --git a/util/cairo-script/cairo-script-operators.c b/util/cairo-script/cairo-script-operators.c
index 81bbe76..5247682 100644
--- a/util/cairo-script/cairo-script-operators.c
+++ b/util/cairo-script/cairo-script-operators.c
@@ -2354,9 +2354,10 @@ _glyph_string (csi_t *ctx,
     double x,y;
     csi_integer_t nglyphs, i, j;
     struct glyph_advance_cache *cache;
+    cairo_status_t status;
 
     cache = cairo_scaled_font_get_user_data (scaled_font,
-					     (cairo_user_data_key_t *) &_glyph_string);
+					     (cairo_user_data_key_t *) ctx);
     if (cache == NULL) {
 	cache = _csi_alloc (ctx, sizeof (*cache));
 	if (cache == NULL)
@@ -2366,9 +2367,14 @@ _glyph_string (csi_t *ctx,
 	memset (cache->have_glyph_advance, 0xff,
 		sizeof (cache->have_glyph_advance));
 
-	cairo_scaled_font_set_user_data (scaled_font,
-					 (cairo_user_data_key_t *) &_glyph_string,
-					 cache, glyph_advance_cache_destroy);
+	status = cairo_scaled_font_set_user_data (scaled_font,
+						  (cairo_user_data_key_t *) ctx,
+						  cache,
+						  glyph_advance_cache_destroy);
+	if (status) {
+	    _csi_free (ctx, cache);
+	    return -1;
+	}
     }
 
     nglyphs = 0;