The function cairo_cff_font_read_cid_fontdict() has a local variable
"cairo_array_t index". This array is first filled with data from the
font with cff_index_read(). Later in this function, each resulting entry
is given to cff_dict_read(). Nothing else is done with the array.
Thus, nothing can keep a reference to "index" and thus this array has to
be finalised at the end of the function to avoid a memory leak.
This commit does that by falling through to the call to cff_index_fini()
that is already there in the error case. This function checks for each
element if its ->is_copy is true and then frees the data. However,
cff_index_read() only creates elements with ->is_copy = FALSE, thus this
does not do anything. At the end, this calls _cairo_array_fini() which
frees the array's memory.
Fixes the following memory leak according to valgrind:
24 bytes in 1 blocks are definitely lost in loss record 173 of 490
at 0x48386AF: malloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
by 0x483ADE7: realloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
by 0x4A5ECC3: _cairo_array_grow_by (cairo-array.c:115)
by 0x4A5EEEE: _cairo_array_allocate (cairo-array.c:317)
by 0x4A5EE95: _cairo_array_append_multiple (cairo-array.c:288)
by 0x4A5EE6B: _cairo_array_append (cairo-array.c:265)
by 0x4AFB12E: cff_index_read (cairo-cff-subset.c:438)
by 0x4AFC280: cairo_cff_font_read_cid_fontdict (cairo-cff-subset.c:1022)
by 0x4AFCD42: cairo_cff_font_read_top_dict (cairo-cff-subset.c:1232)
by 0x4AFD145: cairo_cff_font_read_font (cairo-cff-subset.c:1351)
by 0x4AFFDC0: cairo_cff_font_generate (cairo-cff-subset.c:2583)
by 0x4B00D71: _cairo_cff_subset_init (cairo-cff-subset.c:2975)
Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30650
Signed-off-by: Uli Schlachter <psychon@znc.in>
For example, to depend on cairo-script, inccairoscript was added to
"include_directories:" and libcairoscript was added to "link_with:".
This commit instead uses the libcairoscript_dep dependency everywhere.
Signed-off-by: Uli Schlachter <psychon@znc.in>
There are a couple of shell scripts in src/ that run various tests. This
commit adds them to the meson build.
The one exception is check-def.sh, which I couldn't get to work and thus
only add it commented out.
check-headers.sh and check-plt.sh required some tweaking to get them to
work. check-plt.sh will print an error when run since the file
'.libs/lib*.so' does not exist, but it will still run its check
correctly.
This avoids the risk of encountering undefined behavior when computing the `pixel` pointer (even though it won't actually be used) in the case where the image width or height is zero and the data is NULL. (Observed when called from cairo_pdf_surface code when an extreme scaling transform was present, though I guess there are probably other ways to end up with such an image.)
With the last commit, these became pointless. Just switch the code to
call the underlying function directly.
Signed-off-by: Uli Schlachter <psychon@znc.in>
cairo-xcb kept a cache of free xid to avoid calling xcb_generate_id()
later. However, this is unsafe: When libxcb runs out of ids, it asks the
X11 server for an empty range of ids to use. The X11 server of course
does not know about cairo's cache and could hand out an id that cairo
will use again later. This would then result in BadIdChoice errors
later.
Fix this by simply removing the whole cache.
Fixes: https://gitlab.freedesktop.org/cairo/cairo/-/issues/434
Signed-off-by: Uli Schlachter <psychon@znc.in>
We *always* generate this file, and we depend on its existence.
The idea behind HAVE_CONFIG_H was being able to include random files
from different projects, back in a time where "libraries" were literally
just random files instead of actual shared objects.
Since we're not in the '80s any more, and our build system(s) define
HAVE_CONFIG_H *and* generate the config.h header file, we don't need a
conditional guard around its inclusion.
We define _GNU_SOURCE globally in both the Autotools build, through the
use of the AC_USE_SYSTEM_EXTENSIONS macro; and in the Meson build, with
add_project_arguments().
Precisely what Autotools does, instead of adding it as per-target C
argument.
Once we remove HAVE_CONFIG_H checks in every source file, we'll be able
to drop it.
