[cairo] [PATCH cairo v2 3/8] snapshot: Don't use extra after it's been freed (CID #220086)
Bryce Harrington
bryce at bryceharrington.org
Wed Jun 13 00:35:33 UTC 2018
Note this changes the semantics of the value of extra_out such that it
is set to NULL instead of left undefined in case an error is returned.
Coverity ID: 220086
Signed-off-by: Bryce Harrington <bryce at bryceharrington.org>
---
src/cairo-surface-snapshot.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/cairo-surface-snapshot.c b/src/cairo-surface-snapshot.c
index c8f3078..a8b8c0e 100644
--- a/src/cairo-surface-snapshot.c
+++ b/src/cairo-surface-snapshot.c
@@ -100,14 +100,17 @@ _cairo_surface_snapshot_acquire_source_image (void *abstract_
cairo_status_t status;
extra = _cairo_malloc (sizeof (*extra));
- if (unlikely (extra == NULL))
+ if (unlikely (extra == NULL)) {
+ *extra_out = NULL;
return _cairo_error (CAIRO_STATUS_NO_MEMORY);
+ }
extra->target = _cairo_surface_snapshot_get_target (&surface->base);
status = _cairo_surface_acquire_source_image (extra->target, image_out, &extra->extra);
if (unlikely (status)) {
cairo_surface_destroy (extra->target);
free (extra);
+ extra = NULL;
}
*extra_out = extra;
--
2.7.4
More information about the cairo
mailing list