[truetype] Fix memory leak.

Problem reported by Grissiom <chaos.proton@gmail.com>; in http://lists.nongnu.org/archive/html/freetype/2015-05/msg00013.html there is an example code to trigger the bug. * src/truetype/ttobjs.c (tt_size_init_bytecode): Free old `size' data before allocating again. Bug most probably introduced four years ago in version 2.4.3.
2015-06-03 00:54:09 +02:00 · 2015-06-03 00:54:09 +02:00 · 75534a0432
parent d1ade6d11a
commit 75534a0432
2 changed files with 25 additions and 1 deletions
--- a/16
+++ b/16
@ -1,4 +1,18 @@
-2015-06-01  Werner Lemberg  <wl@gnu.org>
+2015-06-03  Werner Lemberg  <wl@gnu.org>
+
+	[truetype] Fix memory leak.
+
+	Problem reported by Grissiom <chaos.proton@gmail.com>; in
+
+	  http://lists.nongnu.org/archive/html/freetype/2015-05/msg00013.html
+
+	there is an example code to trigger the bug.
+
+	* src/truetype/ttobjs.c (tt_size_init_bytecode): Free old `size'
+	data before allocating again.  Bug most probably introduced four
+	years ago in version 2.4.3.
+
+2015-06-02  Werner Lemberg  <wl@gnu.org>

 	[raster] Add more tracing.

--- a/src/truetype/ttobjs.c
+++ b/src/truetype/ttobjs.c
@ -954,6 +954,16 @@
    TT_MaxProfile*  maxp = &face->max_profile;


+    /* clean up bytecode related data */
+    FT_FREE( size->function_defs );
+    FT_FREE( size->instruction_defs );
+    FT_FREE( size->cvt );
+    FT_FREE( size->storage );
+
+    if ( size->context )
+      TT_Done_Context( size->context );
+    tt_glyphzone_done( &size->twilight );
+
    size->bytecode_ready = -1;
    size->cvt_ready      = -1;