[cairo-commit] 2 commits - src/cairo-xcb-surface-render.c src/cairo-xlib-render-compositor.c
Bryce Harrington
bryce at kemper.freedesktop.org
Thu Nov 6 13:04:01 PST 2014
src/cairo-xcb-surface-render.c | 6 ++++++
src/cairo-xlib-render-compositor.c | 6 ++++++
2 files changed, 12 insertions(+)
New commits:
commit a03f2ff72054c9530f98738aac729354a3f56102
Author: Adam Jackson <ajax at redhat.com>
Date: Fri Oct 31 13:21:15 2014 -0400
xcb: Don't crash when swapping a 0-sized glyph
malloc(0) needn't return NULL, and on glibc, doesn't. Then we encounter
a loop of the form do { ... } while (--c), which doesn't do quite what
you were hoping for when c is initially 0.
Since there's nothing to swap in this case, just bomb out.
Signed-off-by: Adam Jackson <ajax at redhat.com>
diff --git a/src/cairo-xcb-surface-render.c b/src/cairo-xcb-surface-render.c
index 21a89cc..1a086a2 100644
--- a/src/cairo-xcb-surface-render.c
+++ b/src/cairo-xcb-surface-render.c
@@ -4467,6 +4467,9 @@ _cairo_xcb_surface_add_glyph (cairo_xcb_connection_t *connection,
const uint8_t *d;
uint8_t *new, *n;
+ if (c == 0)
+ break;
+
new = malloc (c);
if (unlikely (new == NULL)) {
status = _cairo_error (CAIRO_STATUS_NO_MEMORY);
@@ -4495,6 +4498,9 @@ _cairo_xcb_surface_add_glyph (cairo_xcb_connection_t *connection,
const uint32_t *d;
uint32_t *new, *n;
+ if (c == 0)
+ break;
+
new = malloc (4 * c);
if (unlikely (new == NULL)) {
status = _cairo_error (CAIRO_STATUS_NO_MEMORY);
commit 3cf862f6d973755cd9824c2224fbe0a623c47ff1
Author: Adam Jackson <ajax at redhat.com>
Date: Fri Oct 31 13:21:14 2014 -0400
xlib: Don't crash when swapping a 0-sized glyph
malloc(0) needn't return NULL, and on glibc, doesn't. Then we encounter
a loop of the form do { ... } while (--c), which doesn't do quite what
you were hoping for when c is initially 0.
Since there's nothing to swap in this case, just bomb out.
Signed-off-by: Adam Jackson <ajax at redhat.com>
diff --git a/src/cairo-xlib-render-compositor.c b/src/cairo-xlib-render-compositor.c
index e90df09..8a1ec7b 100644
--- a/src/cairo-xlib-render-compositor.c
+++ b/src/cairo-xlib-render-compositor.c
@@ -1287,6 +1287,9 @@ _cairo_xlib_surface_add_glyph (cairo_xlib_display_t *display,
unsigned char *d;
unsigned char *new, *n;
+ if (c == 0)
+ break;
+
new = malloc (c);
if (!new) {
status = _cairo_error (CAIRO_STATUS_NO_MEMORY);
@@ -1312,6 +1315,9 @@ _cairo_xlib_surface_add_glyph (cairo_xlib_display_t *display,
const uint32_t *d;
uint32_t *new, *n;
+ if (c == 0)
+ break;
+
new = malloc (4 * c);
if (unlikely (new == NULL)) {
status = _cairo_error (CAIRO_STATUS_NO_MEMORY);
More information about the cairo-commit
mailing list