| Summary: | Null pointer dereference on OOM in _clip_and_composite_trapezoids() | ||
|---|---|---|---|
| Product: | cairo | Reporter: | timeless <timeless> |
| Component: | general | Assignee: | Carl Worth <cworth> |
| Status: | RESOLVED FIXED | QA Contact: | cairo-bugs mailing list <cairo-bugs> |
| Severity: | normal | ||
| Priority: | high | CC: | kherron+cairo |
| Version: | 1.1.1 | ||
| Hardware: | PowerPC | ||
| OS: | Mac OS X (All) | ||
| URL: | http://gitweb.freedesktop.org/?p=cairo;a=blob;h=9dde31f23afbdb686aefbc209ab2b5faffcc42d6;hb=92e09ee72fdde9059300b2b63d87e2bbd4286605;f=src/cairo-surface-fallback.c#l551 | ||
| Whiteboard: | |||
| i915 platform: | i915 features: | ||
|
Description
timeless
2006-03-10 04:49:50 UTC
This is now fixed in cairo 1.1.1 and 1.0.3. -Carl diff-tree 6f0d8eedc504e8af2224c502be25dc82b5df70f4 (from 79075b2cb1ce1397506fc10572df96f6fd00ecc3) Author: Carl Worth <cworth@cworth.org> Date: Mon Mar 13 12:25:25 2006 -0800 _clip_and_composite_trapezoids: Avoid NULL pointer dereference due to OOM. This closes bug #6197: Null pointer dereference on OOM in _clip_and_composite_trapezoids() https://bugs.freedesktop.org/show_bug.cgi?id=6197 diff --git a/src/cairo-surface-fallback.c b/src/cairo-surface-fallback.c index 9dde31f..9b6cfd6 100644 --- a/src/cairo-surface-fallback.c +++ b/src/cairo-surface-fallback.c @@ -549,6 +549,9 @@ _clip_and_composite_trapezoids (cairo_pa return status; clear_region = _cairo_region_create_from_rectangle (&extents); + if (clear_region == NULL) + return CAIRO_STATUS_NO_MEMORY; + status = _cairo_clip_intersect_to_region (clip, clear_region); if (status) return status; ...and marked as resolved. |
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.