Closed
Bug 505735
Opened 15 years ago
Closed 10 years ago
coverity thinks _cairo_truetype_read_font_name can lose track of allocations to font_name/ps_name because they're in a loop
Categories
(Core :: Graphics, defect)
RESOLVED
WONTFIX
People
(Reporter: timeless, Assigned: timeless)
References
(Blocks 1 open bug, )
Details
(Keywords: coverity, memory-leak, Whiteboard: [CID 221614])
Attachments
(1 file, 1 obsolete file)
(deleted), patch | jrmuizel: review-
1324 _cairo_truetype_read_font_name (cairo_scaled_font_t *scaled_font,
loop_start:
1365     for (i = 0; i < be16_to_cpu(name->num_records); i++) {
1370         if (be16_to_cpu (record->name) == 4) {
1371             font_name = malloc (be16_to_cpu(record->length) + 1);
1382         if (be16_to_cpu (record->name) == 6) {
1383             ps_name = malloc (be16_to_cpu(record->length) + 1);
1394         if (font_name && ps_name)
1395             break;
1396     }
1397 }

logic:
1. enter loop_start 1365, i=0
2. cond 1370 take true path
3. alloc 1371 font_name
4. cond 1382 take false path
5. cond 1394 take false path
6. loop 1397 go to loop_start
7. cond 1370 take true path
8. leak 1371 font_name from step 3
9. alloc 1371 font_name
10. cond 1382 take true path
11. alloc 1383 ps_name
12. cond 1394 take true path exit loop

A similar path can be found where you leak ps_name
Other paths are possible, including one where an alloc failure for ps_name results in font_name leaking or vice versa.
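The leak path traced above, reproduced as an added example; this is not cairo's code and not the deleted patch. The record struct, the allocation counter and every function name are constructed for illustration, and the guarded variant keeps the first matching record, which is one possible choice rather than a confirmed upstream behaviour.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for a name record; not cairo's own struct. */
typedef struct { unsigned short name_id; const char *data; unsigned short length; } rec_t;
static int live_allocs;                       /* allocations not yet freed */
static void xfree(char *p) { if (p) { live_allocs--; free(p); } }
static char *copy_name(const rec_t *r) {
    char *s = malloc((size_t)r->length + 1);
    if (s) { live_allocs++; memcpy(s, r->data, r->length); s[r->length] = '\0'; }
    return s;
}
/* Loop shape from the report: a repeated name ID overwrites the pointer. */
static int read_names_leaky(const rec_t *recs, int n, char **font, char **ps) {
    char *font_name = NULL, *ps_name = NULL;
    for (int i = 0; i < n; i++) {
        if (recs[i].name_id == 4) font_name = copy_name(&recs[i]);
        if (recs[i].name_id == 6) ps_name = copy_name(&recs[i]);
        if (font_name && ps_name) break;
    }
    *font = font_name; *ps = ps_name;
    return 0;
}
/* Guarded: fill each slot once (first record wins); on failure free both. */
static int read_names_guarded(const rec_t *recs, int n, char **font, char **ps) {
    char *font_name = NULL, *ps_name = NULL;
    for (int i = 0; i < n; i++) {
        if (recs[i].name_id == 4 && !font_name && !(font_name = copy_name(&recs[i]))) goto fail;
        if (recs[i].name_id == 6 && !ps_name && !(ps_name = copy_name(&recs[i]))) goto fail;
        if (font_name && ps_name) break;
    }
    *font = font_name; *ps = ps_name;
    return 0;
fail:
    xfree(font_name); xfree(ps_name);
    return -1;
}
/* Allocations still live after the caller frees what it was handed back. */
static int leaked_after(int (*fn)(const rec_t *, int, char **, char **)) {
    static const rec_t recs[] = { {4, "Foo", 3}, {4, "Foo Bold", 8}, {6, "Foo-Bold", 8} };
    char *f = NULL, *p = NULL;
    live_allocs = 0;
    if (fn(recs, 3, &f, &p) == 0) { xfree(f); xfree(p); }
    return live_allocs;
}
int main(void) {
    printf("leaky: %d, guarded: %d\n", leaked_after(read_names_leaky), leaked_after(read_names_guarded));
    return 0;
}
```

The constructed input has two records with name ID 4 before the first ID 6, which is the ordering the trace needs to reach step 8.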
Attachment #390176 -
Flags: review?(vladimir) → review?(jmuizelaar)
Attachment #390176 -
Attachment is obsolete: true
Attachment #391614 -
Flags: review?(jmuizelaar)
Attachment #390176 -
Flags: review?(jmuizelaar)
Comment 4•11 years ago
Comment on attachment 391614
updated reviewer

Review of attachment 391614:
-----------------------------------------------------------------
This seems unlikely to happen in practice and the work should be done upstream if needed. Since it's found with a static checker we can always rediscover this.
Attachment #391614 -
Flags: review?(jmuizelaar) → review-
Updated•10 years ago
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → WONTFIX
Updated•10 years ago
Whiteboard: [cid 221614]
Updated•10 years ago
|
Whiteboard: [cid 221614] → [CID 221614]
Updated•6 years ago
Blocks: coverity-analysis