RE: [Devel] NT crash in psaux


From: Blinn, Eric W
Subject: RE: [Devel] NT crash in psaux
Date: Mon, 5 Feb 2001 16:13:54 -0600

In a brief moment of brain fade Eric Blinn wrote:
>
> Here's my concern.  Doesn't replacing the REALLOC() with ALLOC() +
> MEM_Copy() leave us with a potential memory leak?  Who frees up the 
> memory that table->block was pointing to before calling 
> reallocate_t1_table()?  

Whoops!  Okay, I took a closer look and I see where that memory
gets freed.  So memory does not get leaked.  However, I think 
this still leaves the pointer object up in PS_Table_Add() dangling 
if it was pointing at the same memory as table->block.  I think 
you are right in that reallocate_t1_table() was buggy before and 
you fixed it, but I don't think it fixes *my* bug.

Anyway, I've got a local fix that does fix *my* bug.  I think it 
fulfills the intent of the code while protecting against a free 
memory read from the dangling pointer.  However, I'm not so sure 
that isn't just masking an underlying problem.  The bigger question 
is why object and table->block are sometimes pointing at the same 
block of memory and whether that is a valid state.

I'll still stand by the other buggy code I reported involving
the uninitialized error code.  :-)

> -----Original Message-----
> From: Blinn, Eric W 
> [mailto:address@hidden
> Sent: Monday, February 05, 2001 4:32 PM
> To: 'Werner LEMBERG'
> Cc: address@hidden
> Subject: RE: [Devel] NT crash in psaux
> 
> 
> 
> Werner Lemberg wrote:
> > > I've replaced the REALLOC() calls with ALLOC() + MEM_Copy().
> > > Theoretically, the bug should be fixed now.
> > 
> > Small correction: I'm not sure whether *your* bug has been fixed by
> > this :-)
> 
> I took a look at the fix today and I think it does fix *my* bug, but
> it may create a new one in *your* library!   ;-)
> 
> Here's my concern.  Doesn't replacing the REALLOC() with ALLOC() +
> MEM_Copy() leave us with a potential memory leak?  Who frees up the 
> memory that table->block was pointing to before calling 
> reallocate_t1_table()?  
> 
> Also, there is a separate bug in reallocate_t1_table() that I addressed 
> in the patch I submitted with the initial e-mail message in this 
> thread.  If the REALLOC() from before, or the ALLOC() that has now 
> replaced it, fails then we detect the failure but return the 
> uninitialized variable error.  The return value of REALLOC() or ALLOC() 
> should be getting assigned into error, but isn't.
> 
> 
> > -----Original Message-----
> > From: Werner LEMBERG [mailto:address@hidden
> > Sent: Friday, February 02, 2001 8:22 PM
> > To: address@hidden
> > Cc: address@hidden
> > Subject: Re: [Devel] NT crash in psaux
> > 
> > 
> > 
> > > I've replaced the REALLOC() calls with ALLOC() + MEM_Copy().
> > > Theoretically, the bug should be fixed now.
> > 
> > Small correction: I'm not sure whether *your* bug has been fixed by
> > this :-)
> > 
> >     Werner
> > 
> > _______________________________________________
> > Devel mailing list
> > address@hidden
> > http://www.freetype.org/mailman/listinfo/devel
> > 
> 
> 
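
The aliasing hazard discussed in this message, as an added example that is not part of the original thread and not FreeType's code: a simplified table (the names `table_t`, `table_grow` and `table_add` are hypothetical) that records the caller's offset into the block before growing and rebases the pointer afterwards. The grow routine also returns the allocation status directly, so a failed allocation cannot be reported through an unset error variable.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical, simplified table; not FreeType's PS_Table. */
typedef struct {
    unsigned char *block;     /* backing storage */
    size_t         cursor;    /* bytes in use */
    size_t         capacity;  /* bytes allocated */
} table_t;

/* Grow via alloc + copy + free. The allocation result always becomes the
   returned status, so a failure is never reported through an unset variable. */
static int table_grow(table_t *t, size_t new_cap)
{
    unsigned char *nb = malloc(new_cap);
    if (nb == NULL)
        return -1;
    if (t->block != NULL)
        memcpy(nb, t->block, t->cursor);
    free(t->block);           /* pointers into the old block dangle from here */
    t->block    = nb;
    t->capacity = new_cap;
    return 0;
}

/* Append len bytes from object, which may point inside t->block. */
int table_add(table_t *t, const unsigned char *object, size_t len)
{
    uintptr_t base = (uintptr_t)t->block, p = (uintptr_t)object;
    int    inside = t->block != NULL && p >= base && p - base < t->capacity;
    size_t off    = inside ? (size_t)(p - base) : 0;

    if (len > t->capacity - t->cursor) {
        size_t new_cap = t->capacity ? t->capacity : 16;
        while (new_cap - t->cursor < len)
            new_cap *= 2;
        if (table_grow(t, new_cap) != 0)
            return -1;
        if (inside)
            object = t->block + off;   /* rebase onto the new block */
    }
    memmove(t->block + t->cursor, object, len);
    t->cursor += len;
    return 0;
}
```

Without the rebase step, the final copy would read from the freed block whenever the caller's pointer aliased the table's own storage and the add triggered a grow.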


