From 498fc2fbe31682754f1aa3864b764229d0b6838c Mon Sep 17 00:00:00 2001
From: Ashim
Date: Thu, 9 Jul 2015 10:43:30 +0530
Subject: [PATCH] Fix out of bound access in struct pattern->type

The pattern structure is hardcoded to hold 7 elements, yet the pattern_names array in cairo-surface-observer.c is initialized with 8 strings. This causes a crash in print_array at line 1587 when it tries to access the 8th member. Hence changed the 'type' array from type[7] to type[8] to avoid out of bound access.

Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=91266
Signed-off-by: Ashim
Reviewed-by: Bryce Harrington
---
 src/cairo-surface-observer-private.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/cairo-surface-observer-private.h b/src/cairo-surface-observer-private.h
index 70c87db82..6ed0c18d1 100644
--- a/src/cairo-surface-observer-private.h
+++ b/src/cairo-surface-observer-private.h
@@ -62,7 +62,7 @@ struct extents {
 };
 
 struct pattern {
- unsigned int type[7]; /* native/record/other surface/gradients */
+ unsigned int type[8]; /* native/record/other surface/gradients */
 };
 
 struct path {
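Review bot: The new bound in `unsigned int type[8];` is still a bare literal that must be kept in step by hand with the `pattern_names` table in cairo-surface-observer.c, so the next name added there would bring back the same out-of-bounds read in print_array. Neither that table nor print_array is visible in this hunk, so this rests on the commit message's description of them. I would tie the two sizes together at compile time next to the table, for example `COMPILE_TIME_ASSERT (ARRAY_LENGTH (pattern_names) == ARRAY_LENGTH (((struct pattern *) 0)->type));`, assuming cairo's usual helper macros are in scope there, or size both from one named constant. The trailing comment `/* native/record/other surface/gradients */` also no longer makes the count of eight slots obvious; something like `/* one counter per entry in pattern_names[] */` would point readers at the coupling.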