[cairo] [PATCH cairo v2 4/8] bo: Free event_y in case of error to prevent memory leak (CID ##1160682)

Wed Jun 13 00:35:34 UTC 2018

If the call to _cairo_malloc_ab_plus_c() fails, it returns an error
without first freeing event_y.

Coverity ID: #1160682

Signed-off-by: Bryce Harrington <bryce at bryceharrington.org>
---
 src/cairo-bentley-ottmann.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/cairo-bentley-ottmann.c b/src/cairo-bentley-ottmann.c
index afe3a63..2011e73 100644
--- a/src/cairo-bentley-ottmann.c
+++ b/src/cairo-bentley-ottmann.c
@@ -1501,8 +1501,11 @@ _cairo_bentley_ottmann_tessellate_polygon (cairo_traps_t	 *traps,
 					  sizeof (cairo_bo_start_event_t) +
 					  sizeof (cairo_bo_event_t *),
 					  sizeof (cairo_bo_event_t *));
-	if (unlikely (events == NULL))
+	if (unlikely (events == NULL)) {
+	    if (event_y != stack_event_y)
+		free (event_y);
 	    return _cairo_error (CAIRO_STATUS_NO_MEMORY);
+	}
 
 	event_ptrs = (cairo_bo_event_t **) (events + num_events);
     }
-- 
2.7.4

