src/fccfg.c | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) New commits: commit e735abcfe139de91fc2e2d323cb4bf16345e1419 Author: Matthias Clasen <mclasen@xxxxxxxxxx> Date: Sun Aug 30 12:03:04 2020 -0400 Fix a problem in FcConfigSubstitute We were using the family names from the pattern without copying, and this was leading to a valgrind warning: ==53167== Invalid read of size 1 ==53167== at 0x58B0238: FcStrCaseWalkerNextNonBlank (fcstr.c:198) ==53167== by 0x58B0238: FcStrCaseWalkerNextNonBlank (fcstr.c:186) ==53167== by 0x58B02C7: FcStrCmpIgnoreBlanksAndCase (fcstr.c:281) ==53167== by 0x58A4D44: FcHashTableFind (fchash.c:109) ==53167== by 0x5895E76: FamilyTableAdd (fccfg.c:1634) ==53167== by 0x589646A: FcConfigAdd.isra.0 (fccfg.c:1823) ==53167== by 0x58988CF: IA__FcConfigSubstituteWithPat.part.0 (fccfg.c:2228) ==53167== by 0x55F4F1A: pango_cairo_fc_font_map_fontset_key_substitute (pangocairo-fcfontmap.c:106) ==53167== by 0x5B88AF6: pango_fc_default_substitute (pangofc-fontmap.c:1795) ==53167== by 0x5B88D15: pango_fc_font_map_get_patterns (pangofc-fontmap.c:1850) ==53167== by 0x5B88FC7: pango_fc_font_map_load_fontset (pangofc-fontmap.c:1952) ==53167== by 0x5623627: pango_font_map_load_fontset (pango-fontmap.c:161) ==53167== by 0x5621743: pango_context_get_metrics (pango-context.c:1782) ==53167== Address 0x150d3450 is 0 bytes inside a block of size 10 free'd ==53167== at 0x483B9F5: free (vg_replace_malloc.c:538) ==53167== by 0x58ABE70: FcValueListDestroy (fcpat.c:147) ==53167== by 0x5898A08: IA__FcConfigSubstituteWithPat.part.0 (fccfg.c:2203) ==53167== by 0x55F4F1A: pango_cairo_fc_font_map_fontset_key_substitute (pangocairo-fcfontmap.c:106) ==53167== by 0x5B88AF6: pango_fc_default_substitute (pangofc-fontmap.c:1795) ==53167== by 0x5B88D15: pango_fc_font_map_get_patterns (pangofc-fontmap.c:1850) ==53167== by 0x5B88FC7: pango_fc_font_map_load_fontset (pangofc-fontmap.c:1952) ==53167== by 0x5623627: pango_font_map_load_fontset (pango-fontmap.c:161) 
==53167== by 0x5621743: pango_context_get_metrics (pango-context.c:1782) Use copies of the strings as keys in the hash table to avoid this.
diff --git a/src/fccfg.c b/src/fccfg.c
index f86f680..9e747cb 100644
--- a/src/fccfg.c
+++ b/src/fccfg.c
@@ -1662,6 +1662,13 @@ FamilyTableDel (FamilyTable *table,
 }
 }
 
+static FcBool
+copy_string (const void *src, void **dest)
+{
+ *dest = strdup ((char *)src);
+ return FcTrue;
+}
+
 static void
 FamilyTableInit (FamilyTable *table,
 FcPattern *p)
@@ -1670,15 +1677,15 @@ FamilyTableInit (FamilyTable *table,
 
 table->family_blank_hash = FcHashTableCreate ((FcHashFunc)FcStrHashIgnoreBlanksAndCase,
 (FcCompareFunc)FcStrCmpIgnoreBlanksAndCase,
+ (FcCopyFunc)copy_string,
 NULL,
- NULL,
- NULL,
+ free,
 free);
 table->family_hash = FcHashTableCreate ((FcHashFunc)FcStrHashIgnoreCase,
 (FcCompareFunc)FcStrCmpIgnoreCase,
+ (FcCopyFunc)copy_string,
 NULL,
- NULL,
- NULL,
+ free,
 free);
 e = FcPatternObjectFindElt (p, FC_FAMILY_OBJECT);
 if (e)
_______________________________________________ Fontconfig mailing list Fontconfig@xxxxxxxxxxxxxxxxxxxxx https://lists.freedesktop.org/mailman/listinfo/fontconfig
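Review bot: copy_string reports success even when strdup fails, so on allocation failure `*dest` is left NULL while `return FcTrue;` tells the hash table the key was copied, and the hashing and comparison callbacks would then be handed a NULL key. Return the allocation result instead: `*dest = strdup ((const char *) src); return *dest != NULL;` (this assumes the table checks the copy callback's result, which is not visible in this hunk). The `(char *)` cast also drops the const qualifier from src; `(const char *)` keeps it. A one-line comment above the helper, such as `/* Key copy callback: duplicate the family name so the table never aliases pattern-owned strings */`, would record why the copy exists.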
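Review bot: The `(FcCopyFunc)` cast on `copy_string` in both FcHashTableCreate calls suppresses the compiler's check that the helper matches the callback type, so a later signature drift would compile silently and be called through an incompatible pointer. If copy_string already has the FcCopyFunc prototype (the typedef is not visible here), pass it uncast as `copy_string,`. The use-after-free fix depends on the key copy and key destroy callbacks staying paired, so a comment above the calls such as `/* keys are strdup'ed copies owned by the table and released by the key destroy callback */` would help the next maintainer. FamilyTableInit starts and ends outside this hunk.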