[cairo-commit] src/cairo.c
Chris Wilson
ickle at kemper.freedesktop.org
Wed Aug 11 04:23:16 PDT 2010
src/cairo.c | 3 +++
1 file changed, 3 insertions(+)
New commits:
commit 8e9c4ea5890a4df3f463e592dc3aa429bb423608
Author: Chris Wilson <chris at chris-wilson.co.uk>
Date: Wed Aug 11 12:18:53 2010 +0100
Mark the context as invalid on the final cairo_destroy()
We initialise the context to a non-error state upon creation, but after
destroy there is a window of opportunity where the object is kept alive
inside the context pool and the user could mistakenly keep on passing
the zombie context into cairo functions. As all entry points need to
check error status, flagging the context as an error object upon the
final unreference prevents such misuse (until such as time as the
context is reallocated).
diff --git a/src/cairo.c b/src/cairo.c
index 7c1c76a..dd0bdfa 100644
--- a/src/cairo.c
+++ b/src/cairo.c
@@ -454,6 +454,9 @@ cairo_destroy (cairo_t *cr)
_cairo_user_data_array_fini (&cr->user_data);
+ /* mark the context as invalid to protect against misuse */
+ cr->status = CAIRO_STATUS_NULL_POINTER;
+
_context_put (cr);
}
slim_hidden_def (cairo_destroy);
More information about the cairo-commit
mailing list