[cairo] [PATCH cairo 2/3] bo: Check null return from _cairo_malloc_ab() (CID #1159556)

Bryce Harrington bryce at bryceharrington.org
Sat Jun 9 05:34:26 UTC 2018


_cairo_malloc_ab() can return NULL under some circumstances, and all
other callers of this routine in the Cairo codebase check its return, so
do so here as well.

(I'm not sure that cairo-bentley-ottmann.c is actually plugged in
anywhere for actual use, so this change may be more to quell Coverity
than fix an actual likely bug.  However, the bo code has been used as a
starting point when writing compositors so perhaps is a useful thing to
cleanup.)

Coverity ID: #1159556

Signed-off-by: Bryce Harrington <bryce at bryceharrington.org>
---
 src/cairo-bentley-ottmann.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/cairo-bentley-ottmann.c b/src/cairo-bentley-ottmann.c
index 91e41f9..afe3a63 100644
--- a/src/cairo-bentley-ottmann.c
+++ b/src/cairo-bentley-ottmann.c
@@ -1484,10 +1484,13 @@ _cairo_bentley_ottmann_tessellate_polygon (cairo_traps_t	 *traps,
 	ymin = _cairo_fixed_integer_floor (polygon->limit.p1.y);
 	ymax = _cairo_fixed_integer_ceil (polygon->limit.p2.y) - ymin;
 
-	if (ymax > 64)
+	if (ymax > 64) {
 	    event_y = _cairo_malloc_ab(sizeof (cairo_bo_event_t*), ymax);
-	else
+	    if (unlikely (event_y == NULL))
+		return _cairo_error (CAIRO_STATUS_NO_MEMORY);
+	} else {
 	    event_y = stack_event_y;
+	}
 	memset (event_y, 0, ymax * sizeof(cairo_bo_event_t *));
     }
 
-- 
2.7.4



More information about the cairo mailing list