[cff, cid] Fix segfaults in case of error (#58621).

* src/cff/cffobjs.c (cff_slot_done), src/cid/cidobjs.c (cid_slot_done): If `ft_glyphslot_init' fails to allocate `internal', then the class' `done_slot' callback (called by `ft_glyphslot_done') must not dereference the pointer to `internal'.
2020-06-19 10:35:57 +02:00 · 2020-06-19 10:35:57 +02:00 · 8ed5a2477e
parent d1180b5f95
commit 8ed5a2477e
3 changed files with 13 additions and 2 deletions
--- a/9
+++ b/9
@ -1,3 +1,12 @@
+2020-06-19  Sebastian Rasmussen  <sebras@gmail.com>
+
+	[cff, cid] Fix segfaults in case of error (#58621).
+
+	* src/cff/cffobjs.c (cff_slot_done), src/cid/cidobjs.c
+	(cid_slot_done): If `ft_glyphslot_init' fails to allocate
+	`internal', then the class' `done_slot' callback (called by
+	`ft_glyphslot_done') must not dereference the pointer to `internal'.
+
 2020-06-19  Werner Lemberg  <wl@gnu.org>

 	[base] Fix UBSAN error.
--- a/src/cff/cffobjs.c
+++ b/src/cff/cffobjs.c
@ -352,7 +352,8 @@
  FT_LOCAL_DEF( void )
  cff_slot_done( FT_GlyphSlot  slot )
  {
-    slot->internal->glyph_hints = NULL;
+    if ( slot->internal )
+      slot->internal->glyph_hints = NULL;
  }


--- a/src/cid/cidobjs.c
+++ b/src/cid/cidobjs.c
@ -49,7 +49,8 @@
  FT_LOCAL_DEF( void )
  cid_slot_done( FT_GlyphSlot  slot )
  {
-    slot->internal->glyph_hints = NULL;
+    if ( slot->internal )
+      slot->internal->glyph_hints = NULL;
  }