[cff] Fix handling of `style_name == NULL' (#58630).
* src/cff/cffobjs.c (cff_face_init): If a call to `cff_strcpy' fails by returning NULL in `cff_face_init', `remove_style' is still called. This means that the NULL pointer is dereferenced, causing a crash.
This commit is contained in:
parent
de088b1dfd
commit
a443474755
|
@ -1,3 +1,12 @@
|
||||||
|
2020-06-20 Sebastian Rasmussen <sebras@gmail.com>
|
||||||
|
|
||||||
|
[cff] Fix handling of `style_name == NULL' (#58630).
|
||||||
|
|
||||||
|
* src/cff/cffobjs.c (cff_face_init): If a call to `cff_strcpy' fails
|
||||||
|
by returning NULL in `cff_face_init', `remove_style' is still
|
||||||
|
called. This means that the NULL pointer is dereferenced, causing a
|
||||||
|
crash.
|
||||||
|
|
||||||
2020-06-19 Sebastian Rasmussen <sebras@gmail.com>
|
2020-06-19 Sebastian Rasmussen <sebras@gmail.com>
|
||||||
|
|
||||||
[cff] Fix another two memory leaks (#58629).
|
[cff] Fix another two memory leaks (#58629).
|
||||||
|
|
|
@ -950,7 +950,8 @@
|
||||||
style_name = cff_strcpy( memory, fullp );
|
style_name = cff_strcpy( memory, fullp );
|
||||||
|
|
||||||
/* remove the style part from the family name (if present) */
|
/* remove the style part from the family name (if present) */
|
||||||
remove_style( cffface->family_name, style_name );
|
if ( style_name )
|
||||||
|
remove_style( cffface->family_name, style_name );
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue