[cairo-commit] src/cairo-scaled-font.c
Chris Wilson
ickle at kemper.freedesktop.org
Tue Jan 8 16:37:55 PST 2013
src/cairo-scaled-font.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
New commits:
commit a942938e90a219a0b88153f9fa96c606ce644ef1
Author: Chris Wilson <chris at chris-wilson.co.uk>
Date: Wed Jan 9 00:36:13 2013 +0000
scaled-font: Fix use after free when clearing the glyph cache
Signed-off-by: Chris Wilson <chris at chris-wilson.co.uk>
diff --git a/src/cairo-scaled-font.c b/src/cairo-scaled-font.c
index aab6937..97460c2 100644
--- a/src/cairo-scaled-font.c
+++ b/src/cairo-scaled-font.c
@@ -464,8 +464,8 @@ _cairo_scaled_glyph_page_destroy (cairo_scaled_font_t *scaled_font,
&page->glyphs[n].hash_entry);
_cairo_scaled_glyph_fini (scaled_font, &page->glyphs[n]);
}
- cairo_list_del (&page->link);
+ cairo_list_del (&page->link);
free (page);
}
@@ -827,11 +827,12 @@ _cairo_scaled_font_reset_cache (cairo_scaled_font_t *scaled_font)
cairo_list_first_entry (&scaled_font->glyph_pages,
cairo_scaled_glyph_page_t,
link);
- _cairo_scaled_glyph_page_destroy (scaled_font, page);
cairo_scaled_glyph_page_cache.size -= page->cache_entry.size;
_cairo_hash_table_remove (cairo_scaled_glyph_page_cache.hash_table,
(cairo_hash_entry_t *) &page->cache_entry);
+
+ _cairo_scaled_glyph_page_destroy (scaled_font, page);
}
CAIRO_MUTEX_UNLOCK (_cairo_scaled_glyph_page_cache_mutex);
CAIRO_MUTEX_UNLOCK (scaled_font->mutex);
More information about the cairo-commit
mailing list