Make sure surface->object_stream.stream is cleaned up even if things
failed
In poppler oss-fuzz tests we are getting this leak reported
Direct leak of 64 byte(s) in 1 object(s) allocated from:
#0 0x5747417eabd9 in __interceptor_calloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:74:3
#1 0x574742706f5b in _cairo_memory_stream_create cairo/src/cairo-output-stream.c:741:14
#2 0x5747426757b8 in _cairo_pdf_surface_open_object_stream cairo/src/cairo-pdf-surface.c:2307:34
#3 0x57474266b880 in _cairo_pdf_surface_finish cairo/src/cairo-pdf-surface.c:2700:14
#4 0x57474261afc6 in _cairo_surface_finish cairo/src/cairo-surface.c:1043:11
#5 0x57474261afc6 in cairo_surface_finish cairo/src/cairo-surface.c:1092:5
#6 0x57474270808a in _cairo_paginated_surface_finish cairo/src/cairo-paginated-surface.c:215:2
#7 0x5747426175c2 in _cairo_surface_finish cairo/src/cairo-surface.c:1043:11
#8 0x5747426175c2 in cairo_surface_destroy cairo/src/cairo-surface.c:978:2
This fixes it.
_cairo_pdf_surface_finish was succeeding past
_cairo_pdf_surface_open_object_stream that allocates surface->object_stream.stream,
failing when calling _cairo_pdf_surface_emit_font_subsets
and that memory was never freed
Fixes cairo issue #907.
In the xref table, the generation number is limited to 65535 (2^16 - 1)
and it's used to identify objects in object streams.
When generating a pdf with more than 65536 objects in object streams,
the generation number overflows and restarts at 0, which causes
invalid references in the xref table.
They don't support C11 anyway. Additionally, CLang defines a very
conservative __GNUC__ value (which is also configurable via the
-fgnuc-version= command-line argument)
When cairo_is_all_clipped return true, we must not attempt
to change any of the clip fields, since it is pointing to
the static const __cairo_clip_all.
Moving the check for ->region into the 'if' is fine, since
it will always be NULL for _cairo_clip_all.
This was causing a crash in inkscape, see
https://gitlab.com/inkscape/inkscape/-/issues/5631
IDWriteGlyphRunAnalysis supports gray-scale antialiasing only when
created via IDWriteFactory2 (and newer), introduced in Windows 8.1
Fallback to using DIrect2D on A8 targets when IDWriteFactory2 is
not available.
...by checking for IUnknown.
This makes GeometryRecorder::QueryInterface compliant with the
rules of COM.
QueryInterface for IUnknown has a special meaning in COM: it's
used to check whether two interface pointers refer to the same
object.
STDMETHOD / IFACEMETHOD macros already add __declspec(nothrow), but
noexcept is better. From MSDN [1]:
We recommend that all new code use the noexcept operator rather than
__declspec(nothrow).
This attribute tells the compiler that the declared function and the
functions it calls never throw an exception. However, it does not
enforce the directive. In other words, it never causes std::terminate
to be invoked, unlike noexcept, or in std:c++17 mode (Visual Studio
2017 version 15.5 and later), throw().
See also [2]:
Non-throwing functions are permitted to call potentially-throwing
functions. Whenever an exception is thrown and the search for a handler
encounters the outermost block of a non-throwing function, the function
std::terminate is called:
extern void f(); // potentially-throwing
void g() noexcept {
f(); // valid, even if f throws
throw 42; // valid, effectively a call to std::terminate
}
References:
[1] https://learn.microsoft.com/en-us/cpp/cpp/nothrow-cpp?view=msvc-170
[2] https://en.cppreference.com/w/cpp/language/noexcept_spec
IFACEMETHOD already adds the __override / __allowed(on_function) SAL
annotation (only on Windows SDK, not mingw-w64), which is understood
by some code analysis tools [1]. Since we're compiling in C++11 mode,
we can add the override specifier, so that the compiler is informed
as well.
[1] https://devblogs.microsoft.com/oldnewthing/20200911-00/?p=104205
Fixes the following warnings on CLang:
../cairo/src/win32/cairo-dwrite-font.cpp:869:27: warning: exception specification
of overriding function is more lax than base version [-Wmicrosoft-exception-spec]
869 | IFACEMETHODIMP_(void) SetFillMode(D2D1_FILL_MODE fillMode)
| ^
D:/msys64/clang64/include/d2d1.h:1491:22: note: overridden virtual function is here
1491 | STDMETHOD_(void, SetFillMode)(D2D1_FILL_MODE fillMode) PURE;
|
COM objects are usually implemented like that:
1. The class is defined with only method declarations. For that,
one should use IFACEMETHOD macros.
2. Then methods are implemented (defined), outside of the class
definition. For that, one should use the IFACEMETHODIMP macros
If one really wants to provide inline method definitions (that is,
inside the class definition), then IFACEMETHOD macros should be used
(and not IFACEMETHODIMP, though it's a definition / implementation).
