To avoid any possibility of uninitialized memory.
The exceptions are:
- where the allocation is immediately overwritten by a memcpy or struct copy.
- arrays of structs to avoid any performance impact (except when the
array is returned by the public API).
- If a link has both 'dest' and 'uri', the 'dest' will be used if it
exists, otherwise it will fallback to using the 'uri'.
- Ensure that a missing 'dest' does not result in an error. Instead a
warning is printed if CAIRO_DEBUG_TAG is set, and a link to the
current location is embedded in the PDF. ie the link does
nothing. Cairo needs to embed a link even if no destination is
available because when links are embedded at the end of the
document, the content stream already contains link tags.
- Remove cairo_pdf_interchange_write_forward_links. This code was
originally used prior to !463 when cairo wrote the links at the end
of each page. Now the links are written at the end of the document
so there are no longer any forward links with an unknown
destination, unless the destination does not exist.
- When 'internal' is not used, use the 'dest' name to reference the
link. Ensure non ASCII names are correctly encoded.
Add a _cairo_tag_error(fmt, ...) function that is used liked _cairo_error()
but allows an error message to be specified. When CAIRO_DEBUG_TAG is defined
the error is printed.
_cairo_malloc(0) always returns NULL, but has not been used
consistently. This patch replaces many calls to malloc() with
_cairo_malloc().
Fixes: fdo# 101547
CVE: CVE-2017-9814 Heap buffer overflow at cairo-truetype-subset.c:1299
Reviewed-by: Bryce Harrington <bryce@osg.samsung.com>
