Commit dec8e7b97dd10e72890f785c98c9cd8fae8185b6
2008-09-19T16:47:01
* src/base/ftobjs.c: Fix double free bug in sfnt-wrapped Type1/CID font support
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39
diff --git a/ChangeLog b/ChangeLog
index 5b75144..303b640 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,11 +1,21 @@
2008-09-19 suzuki toshiya <mpsuzuki@hiroshima-u.ac.jp>
+ * src/base/ftobjs.c (Mac_Read_sfnt_Resource): Fix double free bug
+ in sfnt-wrapped Type1 and sfnt-wrapped CID-keyed font support code.
+ open_face_from_buffer() frees the passed buffer when it cannot
+ open a face from the buffer, so the caller must not free it.
+
+2008-09-19 suzuki toshiya <mpsuzuki@hiroshima-u.ac.jp>
+
* src/base/ftobjs.c (Mac_Read_sfnt_Resource): Add initial support
for sfnt-wrapped Type1 and sfnt-wrapped CID-keyed font.
(ft_lookup_PS_in_sfnt): New function to look up `TYP1' or `CID '
table in sfnt table directory. It is used before loading TrueType
font driver.
+ * docs/CHANGES: Add note about the current status of sfnt-wrapped
+ Type1 and sfnt-wrapped CID-keyed font support.
+
2008-09-18 Werner Lemberg <wl@gnu.org>
* src/base/ftsystem.c (FT_Done_Memory): Use ft_sfree directly for
diff --git a/src/base/ftobjs.c b/src/base/ftobjs.c
index dc4905f..fa9ae7f 100644
--- a/src/base/ftobjs.c
+++ b/src/base/ftobjs.c
@@ -1539,8 +1539,6 @@
FT_FREE( sfnt_data );
goto Exit;
}
-
- FT_FREE( sfnt_ps );
}
Try_OpenType:
error = open_face_from_buffer( library,