Closed
Bug 556314
Opened 14 years ago
Closed 13 years ago
cairo_meta_surface_ink_extents doesn't handle failure from _cairo_null_surface_create
Categories
(Core :: Graphics, defect)
Core
Graphics
Tracking
()
RESOLVED
INVALID
People
(Reporter: timeless, Unassigned)
References
(Blocks 1 open bug, )
Details
(Keywords: coverity, memory-leak)
1122 cairo_meta_surface_ink_extents (cairo_surface_t *surface, 1140 null_surface = _cairo_null_surface_create (CAIRO_CONTENT_COLOR_ALPHA); this can fail, if it fails, null_surface->status will be a failure code 1141 analysis_surface = _cairo_analysis_surface_create (null_surface, -1, -1); this could allocate a surface, but it will inherit the failure status from null_surface. 1142 cairo_surface_destroy (null_surface); this will probably crash, but that's no fun :) 1144 status = analysis_surface->status; 1145 if (unlikely (status)) 1146 goto DONE; 1152 DONE: now we leak analysis_surface 1161 }
Comment 1•13 years ago
|
||
meta surface was renamed to recording surface. The work to get the bounding box was factored out to its own function: _recording_surface_get_ink_bbox This would appear to leak the same way, however the function: _cairo_analysis_surface_create If the malloc fails you get: surface = malloc (sizeof (cairo_analysis_surface_t)); if (unlikely (surface == NULL)) return _cairo_surface_create_in_error (_cairo_error(CAIRO_STATUS_NO_MEMORY)); But _cairo_surface_create_in_error returns a const struct defining the error, so it does not need to be freed. I believe this means there is no leak possibility.
Comment 2•13 years ago
|
||
Closing as per #1.
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → INVALID
Updated•6 years ago
|
Blocks: coverity-analysis
You need to log in
before you can comment on or make changes to this bug.
Description
•