[cairo-commit] src/cairo.c

Chris Wilson ickle at kemper.freedesktop.org
Wed Aug 11 04:23:16 PDT 2010

 src/cairo.c |    3 +++
 1 file changed, 3 insertions(+)

New commits:
commit 8e9c4ea5890a4df3f463e592dc3aa429bb423608
Author: Chris Wilson <chris at chris-wilson.co.uk>
Date:   Wed Aug 11 12:18:53 2010 +0100

    Mark the context as invalid on the final cairo_destroy()
    We initialise the context to a non-error state upon creation, but after
    destroy there is a window of opportunity where the object is kept alive
    inside the context pool and the user could mistakenly keep on passing
    the zombie context into cairo functions. As all entry points need to
    check error status, flagging the context as an error object upon the
    final unreference prevents such misuse (until such as time as the
    context is reallocated).

diff --git a/src/cairo.c b/src/cairo.c
index 7c1c76a..dd0bdfa 100644
--- a/src/cairo.c
+++ b/src/cairo.c
@@ -454,6 +454,9 @@ cairo_destroy (cairo_t *cr)
     _cairo_user_data_array_fini (&cr->user_data);
+    /* mark the context as invalid to protect against misuse */
+    cr->status = CAIRO_STATUS_NULL_POINTER;
     _context_put (cr);
 slim_hidden_def (cairo_destroy);

More information about the cairo-commit mailing list