[cff] Fix another two memory leaks (#58629).

* src/cff/cffobjs.c (cff_size_init): If a call to `funcs->create' fails to allocate one of the `internal->subfont' variables, make sure to free `internal->topfont' and any successfully allocated subfonts.
2020-06-19 18:55:49 +02:00 · 2020-06-19 18:55:49 +02:00 · f594ffdc35
parent 2e2f3cb5ba
commit f594ffdc35
2 changed files with 41 additions and 26 deletions
--- a/9
+++ b/9
@ -1,3 +1,12 @@
+2020-06-19  Sebastian Rasmussen  <sebras@gmail.com>
+
+	[cff] Fix another two memory leaks (#58629).
+
+	* src/cff/cffobjs.c (cff_size_init): If a call to `funcs->create'
+	fails to allocate one of the `internal->subfont' variables, make
+	sure to free `internal->topfont' and any successfully allocated
+	subfonts.
+
 2020-06-19  Sebastian Rasmussen  <sebras@gmail.com>

 	[psaux] Fix memory leak (#58626).
--- a/src/cff/cffobjs.c
+++ b/src/cff/cffobjs.c
@ -168,47 +168,53 @@

    FT_Memory     memory   = cffsize->face->memory;
    CFF_Internal  internal = NULL;
+    CFF_Face      face     = (CFF_Face)cffsize->face;
+    CFF_Font      font     = (CFF_Font)face->extra.data;

+    PS_PrivateRec priv;

-    if ( funcs )
-    {
-      CFF_Face  face = (CFF_Face)cffsize->face;
-      CFF_Font  font = (CFF_Font)face->extra.data;
+    FT_UInt       i;

-      PS_PrivateRec  priv;
+    if ( !funcs )
+      goto Exit;

-      FT_UInt  i;
+    if ( FT_NEW( internal ) )
+      goto Exit;

-
-      if ( FT_NEW( internal ) )
-        goto Exit;
-
-      cff_make_private_dict( &font->top_font, &priv );
-      error = funcs->create( cffsize->face->memory, &priv,
+    cff_make_private_dict( &font->top_font, &priv );
+    error = funcs->create( cffsize->face->memory, &priv,
                             &internal->topfont );
+    if ( error )
+      goto Exit;
+
+    for ( i = font->num_subfonts; i > 0; i-- )
+    {
+      CFF_SubFont  sub = font->subfonts[i - 1];
+
+
+      cff_make_private_dict( sub, &priv );
+      error = funcs->create( cffsize->face->memory, &priv,
+                               &internal->subfonts[i - 1] );
      if ( error )
        goto Exit;
-
-      for ( i = font->num_subfonts; i > 0; i-- )
-      {
-        CFF_SubFont  sub = font->subfonts[i - 1];
-
-
-        cff_make_private_dict( sub, &priv );
-        error = funcs->create( cffsize->face->memory, &priv,
-                               &internal->subfonts[i - 1] );
-        if ( error )
-          goto Exit;
-      }
-
-      cffsize->internal->module_data = internal;
    }

+    cffsize->internal->module_data = internal;
+
    size->strike_index = 0xFFFFFFFFUL;

  Exit:
    if ( error )
+    {
+      if ( internal )
+      {
+        for ( i = font->num_subfonts; i > 0; i-- )
+          FT_FREE( internal->subfonts[i - 1] );
+        FT_FREE( internal->topfont );
+      }
+
      FT_FREE( internal );
+    }

    return error;
  }