[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Dvipng] Some memory errors and their fixes
|
From: |
tabe |
|
Subject: |
[Dvipng] Some memory errors and their fixes |
|
Date: |
Sun, 14 Jan 2007 17:09:40 +0900 (JST) |
Hi,
I have found some bugs in the cvs head of dvipng, which will cause
- possible memory leaks,
- fence post errors, or
- a some what misleading error message on mmap.
My poor fixes are the followings:
Index: ft.c
===================================================================
RCS file: /sources/dvipng/dvipng/ft.c,v
retrieving revision 1.27
diff -c -r1.27 ft.c
*** ft.c 7 Nov 2006 20:40:36 -0000 1.27
--- ft.c 14 Jan 2007 07:14:45 -0000
***************
*** 161,167 ****
int error = FT_Done_Face( tfontp->face );
if (error)
Warning("font file %s could not be closed", tfontp->name);
! while(c<NFNTCHARS-1) {
if (tfontp->chr[c]!=NULL) {
UnLoadFT((struct char_entry*)tfontp->chr[c]);
free(tfontp->chr[c]);
--- 161,167 ----
int error = FT_Done_Face( tfontp->face );
if (error)
Warning("font file %s could not be closed", tfontp->name);
! while(c<NFNTCHARS) {
if (tfontp->chr[c]!=NULL) {
UnLoadFT((struct char_entry*)tfontp->chr[c]);
free(tfontp->chr[c]);
Index: misc.c
===================================================================
RCS file: /sources/dvipng/dvipng/misc.c,v
retrieving revision 1.73
diff -c -r1.73 misc.c
*** misc.c 7 Nov 2006 20:40:36 -0000 1.73
--- misc.c 14 Jan 2007 07:14:45 -0000
***************
*** 713,720 ****
fprintf(stderr, "%s warning: ", programname);
vfprintf(stderr, fmt, args);
fprintf(stderr, " ");
- va_end(args);
}
}
/*-->Message*/
--- 713,720 ----
fprintf(stderr, "%s warning: ", programname);
vfprintf(stderr, fmt, args);
fprintf(stderr, " ");
}
+ va_end(args);
}
/*-->Message*/
***************
*** 758,763 ****
--- 758,768 ----
}
# else /* HAVE_MMAP */
fmmap->mmap = malloc(fmmap->size);
+ if (fmmap->mmap == NULL) {
+ Warning("cannot malloc space for <%s>",filename);
+ close(fmmap->fd);
+ return(true);
+ }
if (read(fmmap->fd,fmmap->mmap,fmmap->size)<fmmap->size) {
Warning("too little data in <%s>",filename);
free(fmmap->mmap);
Index: t1.c
===================================================================
RCS file: /sources/dvipng/dvipng/t1.c,v
retrieving revision 1.10
diff -c -r1.10 t1.c
*** t1.c 7 Nov 2006 20:40:36 -0000 1.10
--- t1.c 14 Jan 2007 07:14:45 -0000
***************
*** 180,186 ****
int error = T1_DeleteFont( tfontp->T1id );
if (error)
Warning("font file %s could not be closed", tfontp->name);
! while(c<NFNTCHARS-1) {
if (tfontp->chr[c]!=NULL) {
UnLoadT1((struct char_entry*)tfontp->chr[c]);
free(tfontp->chr[c]);
--- 180,186 ----
int error = T1_DeleteFont( tfontp->T1id );
if (error)
Warning("font file %s could not be closed", tfontp->name);
! while(c<NFNTCHARS) {
if (tfontp->chr[c]!=NULL) {
UnLoadT1((struct char_entry*)tfontp->chr[c]);
free(tfontp->chr[c]);
Index: tfm.c
===================================================================
RCS file: /sources/dvipng/dvipng/tfm.c,v
retrieving revision 1.13
diff -c -r1.13 tfm.c
*** tfm.c 7 Nov 2006 20:40:36 -0000 1.13
--- tfm.c 14 Jan 2007 07:14:45 -0000
***************
*** 67,73 ****
tcharptr->tfmw = (dviunits)
((int64_t) tcharptr->tfmw * tfontp->s / (1 << 20));
DEBUG_PRINT(DEBUG_TFM,(" (%d)",tcharptr->tfmw));
! if (c > NFNTCHARS) /* Only positive for now */
Fatal("tfm file %s exceeds char numbering limit",tfmname);
tfontp->chr[c] = tcharptr;
c++;
--- 67,73 ----
tcharptr->tfmw = (dviunits)
((int64_t) tcharptr->tfmw * tfontp->s / (1 << 20));
DEBUG_PRINT(DEBUG_TFM,(" (%d)",tcharptr->tfmw));
! if (c >= NFNTCHARS) /* Only positive for now */
Fatal("tfm file %s exceeds char numbering limit",tfmname);
tfontp->chr[c] = tcharptr;
c++;
Index: vf.c
===================================================================
RCS file: /sources/dvipng/dvipng/vf.c,v
retrieving revision 1.23
diff -c -r1.23 vf.c
*** vf.c 7 Nov 2006 20:40:36 -0000 1.23
--- vf.c 14 Jan 2007 07:14:45 -0000
***************
*** 117,123 ****
tcharptr->tfmw = (int32_t)
((int64_t) tcharptr->tfmw * tfontp->s / (1 << 20));
DEBUG_PRINT(DEBUG_VF,(" (%d)",tcharptr->tfmw));
! if (c > NFNTCHARS) /* Only positive for now */
Fatal("VF font %s exceeds char numbering limit",tfontp->name);
tfontp->chr[c] = tcharptr;
tcharptr->data=position;
--- 117,123 ----
tcharptr->tfmw = (int32_t)
((int64_t) tcharptr->tfmw * tfontp->s / (1 << 20));
DEBUG_PRINT(DEBUG_VF,(" (%d)",tcharptr->tfmw));
! if (c >= NFNTCHARS) /* Only positive for now */
Fatal("VF font %s exceeds char numbering limit",tfontp->name);
tfontp->chr[c] = tcharptr;
tcharptr->data=position;
Thanks.
-- Takeshi Abe
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Dvipng] Some memory errors and their fixes,
tabe <=