From d03d856d959271920f9468198153c54d552d1847 Mon Sep 17 00:00:00 2001 From: Werner Lemberg Date: Wed, 1 Oct 2008 22:39:05 +0000 Subject: [PATCH] * src/truetype/ttobjs.c (tt_face_done), src/cff/cffobjs.c (cff_face_done), src/pfr/pfrobjs.c (pfr_face_done), src/pcf/pcfdrivr.c (PCF_Face_Done), src/cid/cidobjs.c (cid_face_done), src/bdf/bdfdrivr. (BDF_Face_Done), src/sfnt/sfobjs.c (sfnt_face_done): Protect against face == 0. Reported by Graham Asher. --- ChangeLog | 9 +++++ src/bdf/bdfdrivr.c | 9 ++++- src/cff/cffobjs.c | 12 ++++-- src/cid/cidobjs.c | 86 +++++++++++++++++++-------------------- src/pcf/pcfdrivr.c | 9 ++++- src/pfr/pfrobjs.c | 11 +++-- src/sfnt/sfobjs.c | 10 ++++- src/truetype/ttobjs.c | 16 +++++--- src/type1/t1objs.c | 93 ++++++++++++++++++++++--------------------- src/type42/t42objs.c | 66 +++++++++++++++--------------- src/winfonts/winfnt.c | 16 ++++---- 11 files changed, 192 insertions(+), 145 deletions(-) diff --git a/ChangeLog b/ChangeLog index d0bb1ce1b..973371dd5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,12 @@ +2008-10-01 Werner Lemberg + + * src/truetype/ttobjs.c (tt_face_done), src/cff/cffobjs.c + (cff_face_done), src/pfr/pfrobjs.c (pfr_face_done), + src/pcf/pcfdrivr.c (PCF_Face_Done), src/cid/cidobjs.c + (cid_face_done), src/bdf/bdfdrivr. (BDF_Face_Done), + src/sfnt/sfobjs.c (sfnt_face_done): Protect against face == 0. + Reported by Graham Asher. + 2008-09-30 suzuki toshiya * src/base/rules.mk: Add conditional source to BASE_SRC, for `make diff --git a/src/bdf/bdfdrivr.c b/src/bdf/bdfdrivr.c index 2a5767e2f..0786ab40f 100644 --- a/src/bdf/bdfdrivr.c +++ b/src/bdf/bdfdrivr.c @@ -304,10 +304,15 @@ THE SOFTWARE. FT_CALLBACK_DEF( void ) BDF_Face_Done( FT_Face bdfface ) /* BDF_Face */ { - BDF_Face face = (BDF_Face)bdfface; - FT_Memory memory = FT_FACE_MEMORY( face ); + BDF_Face face = (BDF_Face)bdfface; + FT_Memory memory; + if ( !face ) + return; + + memory = FT_FACE_MEMORY( face ); + bdf_free_font( face->bdffont ); FT_FREE( face->en_table ); diff --git a/src/cff/cffobjs.c b/src/cff/cffobjs.c index abe89f3b3..354013130 100644 --- a/src/cff/cffobjs.c +++ b/src/cff/cffobjs.c @@ -919,11 +919,17 @@ FT_LOCAL_DEF( void ) cff_face_done( FT_Face cffface ) /* CFF_Face */ { - CFF_Face face = (CFF_Face)cffface; - FT_Memory memory = cffface->memory; - SFNT_Service sfnt = (SFNT_Service)face->sfnt; + CFF_Face face = (CFF_Face)cffface; + FT_Memory memory; + SFNT_Service sfnt; + if ( !face ) + return; + + memory = cffface->memory; + sfnt = (SFNT_Service)face->sfnt; + if ( sfnt ) sfnt->done_face( face ); diff --git a/src/cid/cidobjs.c b/src/cid/cidobjs.c index 1b3bfbf74..5d5459184 100644 --- a/src/cid/cidobjs.c +++ b/src/cid/cidobjs.c @@ -4,7 +4,7 @@ /* */ /* CID objects manager (body). */ /* */ -/* Copyright 1996-2001, 2002, 2003, 2004, 2005, 2006 by */ +/* Copyright 1996-2001, 2002, 2003, 2004, 2005, 2006, 2008 by */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -193,61 +193,61 @@ FT_LOCAL_DEF( void ) cid_face_done( FT_Face cidface ) /* CID_Face */ { - CID_Face face = (CID_Face)cidface; - FT_Memory memory; + CID_Face face = (CID_Face)cidface; + FT_Memory memory; + CID_FaceInfo cid; + PS_FontInfo info; - if ( face ) + if ( !face ) + return; + + cid = &face->cid; + info = &cid->font_info; + memory = cidface->memory; + + /* release subrs */ + if ( face->subrs ) { - CID_FaceInfo cid = &face->cid; - PS_FontInfo info = &cid->font_info; + FT_Int n; - memory = cidface->memory; - - /* release subrs */ - if ( face->subrs ) + for ( n = 0; n < cid->num_dicts; n++ ) { - FT_Int n; + CID_Subrs subr = face->subrs + n; - for ( n = 0; n < cid->num_dicts; n++ ) + if ( subr->code ) { - CID_Subrs subr = face->subrs + n; - - - if ( subr->code ) - { - FT_FREE( subr->code[0] ); - FT_FREE( subr->code ); - } + FT_FREE( subr->code[0] ); + FT_FREE( subr->code ); } - - FT_FREE( face->subrs ); } - /* release FontInfo strings */ - FT_FREE( info->version ); - FT_FREE( info->notice ); - FT_FREE( info->full_name ); - FT_FREE( info->family_name ); - FT_FREE( info->weight ); - - /* release font dictionaries */ - FT_FREE( cid->font_dicts ); - cid->num_dicts = 0; - - /* release other strings */ - FT_FREE( cid->cid_font_name ); - FT_FREE( cid->registry ); - FT_FREE( cid->ordering ); - - cidface->family_name = 0; - cidface->style_name = 0; - - FT_FREE( face->binary_data ); - FT_FREE( face->cid_stream ); + FT_FREE( face->subrs ); } + + /* release FontInfo strings */ + FT_FREE( info->version ); + FT_FREE( info->notice ); + FT_FREE( info->full_name ); + FT_FREE( info->family_name ); + FT_FREE( info->weight ); + + /* release font dictionaries */ + FT_FREE( cid->font_dicts ); + cid->num_dicts = 0; + + /* release other strings */ + FT_FREE( cid->cid_font_name ); + FT_FREE( cid->registry ); + FT_FREE( cid->ordering ); + + cidface->family_name = 0; + cidface->style_name = 0; + + FT_FREE( face->binary_data ); + FT_FREE( face->cid_stream ); } diff --git a/src/pcf/pcfdrivr.c b/src/pcf/pcfdrivr.c index 0fea30e8c..a0c58efba 100644 --- a/src/pcf/pcfdrivr.c +++ b/src/pcf/pcfdrivr.c @@ -196,10 +196,15 @@ THE SOFTWARE. FT_CALLBACK_DEF( void ) PCF_Face_Done( FT_Face pcfface ) /* PCF_Face */ { - PCF_Face face = (PCF_Face)pcfface; - FT_Memory memory = FT_FACE_MEMORY( face ); + PCF_Face face = (PCF_Face)pcfface; + FT_Memory memory; + if ( !face ) + return; + + memory = FT_FACE_MEMORY( face ); + FT_FREE( face->encodings ); FT_FREE( face->metrics ); diff --git a/src/pfr/pfrobjs.c b/src/pfr/pfrobjs.c index 180446d73..56d617d88 100644 --- a/src/pfr/pfrobjs.c +++ b/src/pfr/pfrobjs.c @@ -4,7 +4,7 @@ /* */ /* FreeType PFR object methods (body). */ /* */ -/* Copyright 2002, 2003, 2004, 2005, 2006, 2007 by */ +/* Copyright 2002, 2003, 2004, 2005, 2006, 2007, 2008 by */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -41,10 +41,15 @@ FT_LOCAL_DEF( void ) pfr_face_done( FT_Face pfrface ) /* PFR_Face */ { - PFR_Face face = (PFR_Face)pfrface; - FT_Memory memory = pfrface->driver->root.memory; + PFR_Face face = (PFR_Face)pfrface; + FT_Memory memory; + if ( !face ) + return; + + memory = pfrface->driver->root.memory; + /* we don't want dangling pointers */ pfrface->family_name = NULL; pfrface->style_name = NULL; diff --git a/src/sfnt/sfobjs.c b/src/sfnt/sfobjs.c index d3d8a0252..4e88f8a55 100644 --- a/src/sfnt/sfobjs.c +++ b/src/sfnt/sfobjs.c @@ -1027,10 +1027,16 @@ FT_LOCAL_DEF( void ) sfnt_done_face( TT_Face face ) { - FT_Memory memory = face->root.memory; - SFNT_Service sfnt = (SFNT_Service)face->sfnt; + FT_Memory memory; + SFNT_Service sfnt; + if ( !face ) + return; + + memory = face->root.memory; + sfnt = (SFNT_Service)face->sfnt; + if ( sfnt ) { /* destroy the postscript names table if it is loaded */ diff --git a/src/truetype/ttobjs.c b/src/truetype/ttobjs.c index 801559fe4..d70da2323 100644 --- a/src/truetype/ttobjs.c +++ b/src/truetype/ttobjs.c @@ -4,7 +4,7 @@ /* */ /* Objects manager (body). */ /* */ -/* Copyright 1996-2001, 2002, 2003, 2004, 2005, 2006, 2007 by */ +/* Copyright 1996-2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008 by */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -330,12 +330,18 @@ FT_LOCAL_DEF( void ) tt_face_done( FT_Face ttface ) /* TT_Face */ { - TT_Face face = (TT_Face)ttface; - FT_Memory memory = face->root.memory; - FT_Stream stream = face->root.stream; + TT_Face face = (TT_Face)ttface; + FT_Memory memory; + FT_Stream stream; + SFNT_Service sfnt; - SFNT_Service sfnt = (SFNT_Service)face->sfnt; + if ( !face ) + return; + + memory = face->root.memory; + stream = face->root.stream; + sfnt = (SFNT_Service)face->sfnt; /* for `extended TrueType formats' (i.e. compressed versions) */ if ( face->extra.finalizer ) diff --git a/src/type1/t1objs.c b/src/type1/t1objs.c index 0d4ad3b0a..ed49d6ea2 100644 --- a/src/type1/t1objs.c +++ b/src/type1/t1objs.c @@ -191,72 +191,75 @@ FT_LOCAL_DEF( void ) T1_Face_Done( T1_Face face ) { - if ( face ) - { - FT_Memory memory = face->root.memory; - T1_Font type1 = &face->type1; + FT_Memory memory; + T1_Font type1; + if ( !face ) + return; + + memory = face->root.memory; + type1 = &face->type1; + #ifndef T1_CONFIG_OPTION_NO_MM_SUPPORT - /* release multiple masters information */ - FT_ASSERT( ( face->len_buildchar == 0 ) == ( face->buildchar == NULL ) ); + /* release multiple masters information */ + FT_ASSERT( ( face->len_buildchar == 0 ) == ( face->buildchar == NULL ) ); - if ( face->buildchar ) - { - FT_FREE( face->buildchar ); + if ( face->buildchar ) + { + FT_FREE( face->buildchar ); - face->buildchar = NULL; - face->len_buildchar = 0; - } + face->buildchar = NULL; + face->len_buildchar = 0; + } - T1_Done_Blend( face ); - face->blend = 0; + T1_Done_Blend( face ); + face->blend = 0; #endif - /* release font info strings */ - { - PS_FontInfo info = &type1->font_info; + /* release font info strings */ + { + PS_FontInfo info = &type1->font_info; - FT_FREE( info->version ); - FT_FREE( info->notice ); - FT_FREE( info->full_name ); - FT_FREE( info->family_name ); - FT_FREE( info->weight ); - } + FT_FREE( info->version ); + FT_FREE( info->notice ); + FT_FREE( info->full_name ); + FT_FREE( info->family_name ); + FT_FREE( info->weight ); + } - /* release top dictionary */ - FT_FREE( type1->charstrings_len ); - FT_FREE( type1->charstrings ); - FT_FREE( type1->glyph_names ); + /* release top dictionary */ + FT_FREE( type1->charstrings_len ); + FT_FREE( type1->charstrings ); + FT_FREE( type1->glyph_names ); - FT_FREE( type1->subrs ); - FT_FREE( type1->subrs_len ); + FT_FREE( type1->subrs ); + FT_FREE( type1->subrs_len ); - FT_FREE( type1->subrs_block ); - FT_FREE( type1->charstrings_block ); - FT_FREE( type1->glyph_names_block ); + FT_FREE( type1->subrs_block ); + FT_FREE( type1->charstrings_block ); + FT_FREE( type1->glyph_names_block ); - FT_FREE( type1->encoding.char_index ); - FT_FREE( type1->encoding.char_name ); - FT_FREE( type1->font_name ); + FT_FREE( type1->encoding.char_index ); + FT_FREE( type1->encoding.char_name ); + FT_FREE( type1->font_name ); #ifndef T1_CONFIG_OPTION_NO_AFM - /* release afm data if present */ - if ( face->afm_data ) - T1_Done_Metrics( memory, (AFM_FontInfo)face->afm_data ); + /* release afm data if present */ + if ( face->afm_data ) + T1_Done_Metrics( memory, (AFM_FontInfo)face->afm_data ); #endif - /* release unicode map, if any */ + /* release unicode map, if any */ #if 0 - FT_FREE( face->unicode_map_rec.maps ); - face->unicode_map_rec.num_maps = 0; - face->unicode_map = NULL; + FT_FREE( face->unicode_map_rec.maps ); + face->unicode_map_rec.num_maps = 0; + face->unicode_map = NULL; #endif - face->root.family_name = NULL; - face->root.style_name = NULL; - } + face->root.family_name = NULL; + face->root.style_name = NULL; } diff --git a/src/type42/t42objs.c b/src/type42/t42objs.c index 174664dfa..76dc51950 100644 --- a/src/type42/t42objs.c +++ b/src/type42/t42objs.c @@ -392,50 +392,50 @@ FT_Memory memory; - if ( face ) - { - type1 = &face->type1; - info = &type1->font_info; - memory = face->root.memory; + if ( !face ) + return; - /* delete internal ttf face prior to freeing face->ttf_data */ - if ( face->ttf_face ) - FT_Done_Face( face->ttf_face ); + type1 = &face->type1; + info = &type1->font_info; + memory = face->root.memory; - /* release font info strings */ - FT_FREE( info->version ); - FT_FREE( info->notice ); - FT_FREE( info->full_name ); - FT_FREE( info->family_name ); - FT_FREE( info->weight ); + /* delete internal ttf face prior to freeing face->ttf_data */ + if ( face->ttf_face ) + FT_Done_Face( face->ttf_face ); - /* release top dictionary */ - FT_FREE( type1->charstrings_len ); - FT_FREE( type1->charstrings ); - FT_FREE( type1->glyph_names ); + /* release font info strings */ + FT_FREE( info->version ); + FT_FREE( info->notice ); + FT_FREE( info->full_name ); + FT_FREE( info->family_name ); + FT_FREE( info->weight ); - FT_FREE( type1->charstrings_block ); - FT_FREE( type1->glyph_names_block ); + /* release top dictionary */ + FT_FREE( type1->charstrings_len ); + FT_FREE( type1->charstrings ); + FT_FREE( type1->glyph_names ); - FT_FREE( type1->encoding.char_index ); - FT_FREE( type1->encoding.char_name ); - FT_FREE( type1->font_name ); + FT_FREE( type1->charstrings_block ); + FT_FREE( type1->glyph_names_block ); - FT_FREE( face->ttf_data ); + FT_FREE( type1->encoding.char_index ); + FT_FREE( type1->encoding.char_name ); + FT_FREE( type1->font_name ); + + FT_FREE( face->ttf_data ); #if 0 - /* release afm data if present */ - if ( face->afm_data ) - T1_Done_AFM( memory, (T1_AFM*)face->afm_data ); + /* release afm data if present */ + if ( face->afm_data ) + T1_Done_AFM( memory, (T1_AFM*)face->afm_data ); #endif - /* release unicode map, if any */ - FT_FREE( face->unicode_map.maps ); - face->unicode_map.num_maps = 0; + /* release unicode map, if any */ + FT_FREE( face->unicode_map.maps ); + face->unicode_map.num_maps = 0; - face->root.family_name = 0; - face->root.style_name = 0; - } + face->root.family_name = 0; + face->root.style_name = 0; } diff --git a/src/winfonts/winfnt.c b/src/winfonts/winfnt.c index 833fb888a..65055ac0a 100644 --- a/src/winfonts/winfnt.c +++ b/src/winfonts/winfnt.c @@ -665,16 +665,18 @@ static void FNT_Face_Done( FNT_Face face ) { - if ( face ) - { - FT_Memory memory = FT_FACE_MEMORY( face ); + FT_Memory memory; - fnt_font_done( face ); + if ( !face ) + return; - FT_FREE( face->root.available_sizes ); - face->root.num_fixed_sizes = 0; - } + memory = FT_FACE_MEMORY( face ); + + fnt_font_done( face ); + + FT_FREE( face->root.available_sizes ); + face->root.num_fixed_sizes = 0; }