From b2ba68665f93be2b03b6b27aa30dc9f190cf3fef Mon Sep 17 00:00:00 2001 From: Behdad Esfahbod Date: Wed, 14 Jan 2015 18:43:13 +0100 Subject: [PATCH] [smooth] Fix uninitialized memory access. Looks like `ras.span_y' could always be used without initialization. This was never detected by valgrind before because the library-wide `raster_pool' was used for the worker object and `raster_pool' was originally zero'ed. But subsequent reuses of it were using `span_y' uninitialized. With the recent change to not use `render_pool' and allocate worker and buffer on the stack, valgrind now detects this uninitialized access. * src/smooth/ftgrays.c (gray_raster_render): Initialize `ras.span_y'. --- ChangeLog | 15 +++++++++++++++ src/smooth/ftgrays.c | 1 + 2 files changed, 16 insertions(+) diff --git a/ChangeLog b/ChangeLog index 62bb09992..ee91e3e24 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,18 @@ +2015-01-14 Behdad Esfahbod + + [smooth] Fix uninitialized memory access. + + Looks like `ras.span_y' could always be used without initialization. + This was never detected by valgrind before because the library-wide + `raster_pool' was used for the worker object and `raster_pool' was + originally zero'ed. But subsequent reuses of it were using `span_y' + uninitialized. With the recent change to not use `render_pool' and + allocate worker and buffer on the stack, valgrind now detects this + uninitialized access. + + * src/smooth/ftgrays.c (gray_raster_render): Initialize + `ras.span_y'. + 2015-01-14 Behdad Esfahbod [base] Don't initialize unused `driver->glyph_loader'. diff --git a/src/smooth/ftgrays.c b/src/smooth/ftgrays.c index 65eb64cc1..4240b01e7 100644 --- a/src/smooth/ftgrays.c +++ b/src/smooth/ftgrays.c @@ -1985,6 +1985,7 @@ typedef ptrdiff_t FT_PtrDist; ras.invalid = 1; ras.band_size = band_size; ras.num_gray_spans = 0; + ras.span_y = 0; if ( params->flags & FT_RASTER_FLAG_DIRECT ) {
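Review bot: The ChangeLog entry names the pool inconsistently: it is `raster_pool' in "the library-wide `raster_pool' was used for the worker object" but `render_pool' in "With the recent change to not use `render_pool'". If both refer to the same pool, use one spelling so the entry can be searched against the source and against the earlier change it refers to.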
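Review bot: In the src/smooth/ftgrays.c hunk (@@ -1985,6 +1985,7), the added `ras.span_y = 0;` covers a single member while the worker is still set up field by field (`ras.invalid`, `ras.band_size`, `ras.num_gray_spans`). The commit message says the worker is now allocated on the stack, so any other member that is read before being written starts with indeterminate contents, exactly as `span_y` did. Either zero the whole worker once before these assignments or state in the commit message that a valgrind run is clean for the remaining members. A one-line comment next to the new assignment saying why 0 is a valid starting value for `span_y` would also help, since the neighbouring assignments do not make that obvious.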