Commit a8096dfa authored by Akira TAGOH's avatar Akira TAGOH

Bug 90867 - Memory Leak during error case in fccharset

https://bugs.freedesktop.org/show_bug.cgi?id=90867
parent 0551e1b3
......@@ -164,6 +164,14 @@ FcCharSetPutLeaf (FcCharSet *fcs,
unsigned int alloced = 8;
leaves = malloc (alloced * sizeof (*leaves));
numbers = malloc (alloced * sizeof (*numbers));
if (!leaves || !numbers)
{
if (leaves)
free (leaves);
if (numbers)
free (numbers);
return FcFalse;
}
}
else
{
......@@ -172,8 +180,19 @@ FcCharSetPutLeaf (FcCharSet *fcs,
alloced *= 2;
new_leaves = realloc (leaves, alloced * sizeof (*leaves));
if (!new_leaves)
return FcFalse;
numbers = realloc (numbers, alloced * sizeof (*numbers));
if (!numbers)
{
/* Revert the reallocation of leaves */
leaves = realloc (new_leaves, (alloced / 2) * sizeof (*new_leaves));
/* unlikely to fail though */
if (!leaves)
return FcFalse;
fcs->leaves_offset = FcPtrToOffset (fcs, leaves);
return FcFalse;
}
distance = (intptr_t) new_leaves - (intptr_t) leaves;
if (new_leaves && distance)
{
......@@ -184,9 +203,6 @@ FcCharSetPutLeaf (FcCharSet *fcs,
leaves = new_leaves;
}
if (!leaves || !numbers)
return FcFalse;
fcs->leaves_offset = FcPtrToOffset (fcs, leaves);
fcs->numbers_offset = FcPtrToOffset (fcs, numbers);
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment