Bug 336129 - Missing out-of-memory check at gfx/cairo/cairo/src/cairo-atsui-font.c:185
Status: RESOLVED INVALID
Product: Core
Classification: Components
Component: Graphics
: Trunk
: All All
: -- normal
Assigned To: Nobody; OK to take it and work on it
Reported: 2006-05-01 08:32 PDT by Denis Vlasenko
Modified: 2006-07-06 04:59 PDT


Attachments
atsui: Add missing check of return-value of malloc. (1.35 KB, patch)
2006-05-02 11:49 PDT, Carl Worth

Description Denis Vlasenko 2006-05-01 08:32:05 PDT
User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8) Gecko/20060320 Firefox/1.5
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8) Gecko/20060320 Firefox/1.5

    font = malloc(sizeof(cairo_atsui_font_t));

    _cairo_scaled_font_init(&font->base, toy_face, font_matrix, ctm, options,
                            &cairo_atsui_scaled_font_backend);

    cairo_matrix_multiply(&scale, font_matrix, ctm);
    font->style = CreateSizedCopyOfStyle(style, &scale);


Reproducible: Always
Comment 1 Christian :Biesinger (don't email me, ping me on IRC) 2006-05-01 08:34:50 PDT
This one should really be filed in bugs.freedesktop.org instead (product cairo).
Comment 2 Carl Worth 2006-05-02 11:49:12 PDT
Created attachment 220528
atsui: Add missing check of return-value of malloc.

Here's a patch for this specific issue.

This has already been committed to upstream cairo (in some 1.1.3 and will be in all descendant snapshots/releases).

Note that there's another unchecked malloc later in the same file. The patch adds a comment for it, but doesn't fix it. That's a job for the ATSUI maintainer as I would probably get it wrong if I tried it myself.
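
The kind of check this bug asks for, as an added example that is not the attached patch and not cairo's code: the allocation is tested before the first write through it, and a fault-injecting allocator sweeps every allocation point to show that each failure is reported and unwound. All names (status_t, atsui_font_t, test_malloc, font_create, sweep_failures) are hypothetical stand-ins, and the second allocation is constructed only to exercise the cleanup path.

```c
#include <stdlib.h>

/* Hypothetical stand-ins for illustration; not cairo's real types or status codes. */
typedef enum { STATUS_SUCCESS = 0, STATUS_NO_MEMORY = 1 } status_t;
typedef struct { int refcount; } scaled_font_base_t;
typedef struct { scaled_font_base_t base; void *style; } atsui_font_t;

/* Fault-injecting allocator: succeeds alloc_budget times, then returns NULL. */
static int alloc_budget = -1;              /* -1 means never fail */
static void *test_malloc(size_t n) {
    if (alloc_budget == 0) return NULL;
    if (alloc_budget > 0) alloc_budget--;
    return malloc(n);
}

/* Checked creation: every allocation is tested before it is dereferenced. */
status_t font_create(atsui_font_t **out) {
    atsui_font_t *font = test_malloc(sizeof *font);
    *out = NULL;
    if (font == NULL)
        return STATUS_NO_MEMORY;           /* nothing allocated yet, nothing to free */
    font->base.refcount = 1;               /* first write through the pointer */
    font->style = test_malloc(16);         /* constructed second allocation */
    if (font->style == NULL) {
        free(font);                        /* unwind the first allocation */
        return STATUS_NO_MEMORY;
    }
    *out = font;
    return STATUS_SUCCESS;
}

void font_destroy(atsui_font_t *font) { if (font) { free(font->style); free(font); } }

/* Fail the 1st, 2nd, ... allocation in turn. Returns how many failure points
 * were reported as STATUS_NO_MEMORY, or -1 if a failed call left *out set. */
int sweep_failures(int max_allocs) {
    int handled = 0;
    for (int k = 0; k <= max_allocs; k++) {
        atsui_font_t *font;
        alloc_budget = k;
        if (font_create(&font) == STATUS_NO_MEMORY) {
            if (font != NULL) return -1;
            handled++;
        } else font_destroy(font);
    }
    alloc_budget = -1;
    return handled;
}

int main(void) { return sweep_failures(4) == 2 ? 0 : 1; }
```

Running the same sweep under a leak checker also confirms that the failure path frees the first allocation.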
Comment 3 Stuart Parmenter 2006-07-05 14:20:44 PDT
Resolving invalid since these should be filed upstream (and since they've been fixed upstream).
Comment 4 Jason Bassford 2006-07-06 04:59:02 PDT
Comment 3 indicates that this should have been resolved as INVALID (not FIXED).