From e98cdc3215ccc826242573675ff37486c6707660 Mon Sep 17 00:00:00 2001 From: Piotr Caban Date: Thu, 27 Apr 2017 16:27:33 +0200 Subject: [PATCH] dwrite: Don't crash on uninitialized cached and factory fields in dwritefontface_Release. The function may be called with the fields uninitialized from create_fontface when init_font_data fails. Signed-off-by: Piotr Caban Signed-off-by: Nikolay Sivov Signed-off-by: Alexandre Julliard --- dlls/dwrite/font.c | 15 +++++---------- 1 file changed, 5 insertions(+), 10 deletions(-) diff --git a/dlls/dwrite/font.c b/dlls/dwrite/font.c index ca2d69a6f33..328e5e43a74 100644 --- a/dlls/dwrite/font.c +++ b/dlls/dwrite/font.c @@ -501,8 +501,10 @@ static ULONG WINAPI dwritefontface_Release(IDWriteFontFace4 *iface) heap_free(This->glyphs[i]); freetype_notify_cacheremove(iface); - factory_release_cached_fontface(This->cached); - IDWriteFactory4_Release(This->factory); + if (This->cached) + factory_release_cached_fontface(This->cached); + if (This->factory) + IDWriteFactory4_Release(This->factory); heap_free(This); } @@ -4283,7 +4285,7 @@ HRESULT create_fontface(const struct fontface_desc *desc, struct list *cached_li *ret = NULL; - fontface = heap_alloc(sizeof(struct dwrite_fontface)); + fontface = heap_alloc_zero(sizeof(struct dwrite_fontface)); if (!fontface) return E_OUTOFMEMORY; @@ -4301,11 +4303,6 @@ HRESULT create_fontface(const struct fontface_desc *desc, struct list *cached_li fontface->ref = 1; fontface->type = desc->face_type; fontface->file_count = desc->files_number; - memset(&fontface->cmap, 0, sizeof(fontface->cmap)); - memset(&fontface->vdmx, 0, sizeof(fontface->vdmx)); - memset(&fontface->gasp, 0, sizeof(fontface->gasp)); - memset(&fontface->cpal, 0, sizeof(fontface->cpal)); - memset(&fontface->colr, 0, sizeof(fontface->colr)); fontface->cmap.exists = TRUE; fontface->vdmx.exists = TRUE; fontface->gasp.exists = TRUE; @@ -4313,7 +4310,6 @@ HRESULT create_fontface(const struct fontface_desc *desc, struct list *cached_li fontface->colr.exists = TRUE; fontface->index = desc->index; fontface->simulations = desc->simulations; - memset(fontface->glyphs, 0, sizeof(fontface->glyphs)); for (i = 0; i < fontface->file_count; i++) { hr = get_stream_from_file(desc->files[i], &fontface->streams[i]); @@ -4338,7 +4334,6 @@ HRESULT create_fontface(const struct fontface_desc *desc, struct list *cached_li } } - fontface->flags = 0; fontface->charmap = freetype_get_charmap_index(&fontface->IDWriteFontFace4_iface, &is_symbol); if (is_symbol) fontface->flags |= FONTFACE_IS_SYMBOL;